CVE-2018-7074

Name of the Vulnerable Software and Affected Versions HPE Intelligent Management Center (iMC) PLAT versions prior to 7.3 E0605P04

Description A remote code execution issue was identified. The estimated number of potentially affected devices worldwide is not available. Details about real-world incidents where this issue was exploited are not provided. Technical details about exploitation include a stack-based buffer overflow in the tftpserver component, specifically in the getFileData function.

Recommendations For versions prior to 7.3 E0605P04, update to iMC PLAT 7.3 E0605P04 or a subsequent version to resolve the issue. As a temporary workaround, consider restricting access to the tftpserver component until a patch is available.