CVE-2017-5791

Name of the Vulnerable Software and Affected Versions HPE Intelligent Management Center PLAT version 7.2 E0403P06

Description The issue is related to the doFilter method in the UrlAccessController class, which has weaknesses in its authentication procedure. This can be exploited by a remote attacker to bypass authentication using a specially crafted string in a URI.

Recommendations For HPE Intelligent Management Center PLAT version 7.2 E0403P06, consider restricting access to the UrlAccessController class until a patch is available. As a temporary workaround, avoid using unspecified strings in URI requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.