CVE-2017-12513

Name of the Vulnerable Software and Affected Versions HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504)

Description A Remote Code Execution issue was found in HPE Intelligent Management Center (iMC) PLAT, related to insufficient input validation in the perfSelectTask.xhtml component. This allows a remote attacker to execute arbitrary code using the beanName parameter.

Recommendations For HPE Intelligent Management Center PLAT version PLAT 7.3 (E0504), update to HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version to resolve the issue. As a temporary workaround, consider restricting access to the perfSelectTask.xhtml component to minimize the risk of exploitation.