CVE-2017-12557

Name of the Vulnerable Software and Affected Versions: HPE Intelligent Management Center PLAT version IMC Plat 7.3 E0504P2 and earlier

Description: A Remote Code Execution issue was discovered, related to the deserialization of untrusted data in the WebDMDebugServlet component. This allows a remote attacker to execute arbitrary code in the context of SYSTEM by exploiting the vulnerability, which is associated with the recovery of an untrusted data structure in memory.

Recommendations: For HPE Intelligent Management Center PLAT version IMC Plat 7.3 E0504P2 and earlier, consider disabling the WebDMDebugServlet component as a temporary workaround until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.