CVE-2017-8961

Name of the Vulnerable Software and Affected Versions: HPE Intelligent Management Center PLAT version 7.3 E0504P02

Description: The issue is related to a directory traversal vulnerability in the flexFileUpload component of HPE Intelligent Management Center PLAT. This vulnerability is due to insufficient path name checking, which could allow a remote attacker to execute arbitrary code with root privileges.

Recommendations: For version 7.3 E0504P02, consider restricting access to the flexFileUpload component until a patch is available. As a temporary workaround, limit the privileges of the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.