PT-2017-3554 · Hewlett Packard · Hpe Intelligent Management Center Plat

Published

2017-06-30

Updated

2018-03-06

CVE-2017-8957

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: HPE Intelligent Management Center PLAT version 7.2

Description: The issue exists due to insufficient input validation in the dbman service of the HPE Intelligent Management Center PLAT platform. This allows a remote attacker to execute arbitrary code.

Recommendations: For version 7.2, update to a version that includes the fix for this issue, as the current version is affected by the remote code execution vulnerability.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2018-00451

CVE-2017-8957

ZDI-17-481

Affected Products

Hpe Intelligent Management Center Plat

PT-2017-3554 · Hewlett Packard · Hpe Intelligent Management Center Plat

CVE-2017-8957

Weakness Enumeration

Related Identifiers

Affected Products

References · 6