Vulnerability Details : CVE-2017-5786
A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14
Products affected by CVE-2017-5786
- HP » Officeconnect 1820 8g Switch J9979a FirmwareVersions after (>) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_8g_switch_j9979a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_8g_switch_j9979a_firmware:pt.02.01:*:*:*:*:*:*:*
- HP » Officeconnect 1820 24g Poe+ (185w) Switch J9983a FirmwareVersions from including (>=) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmware:pt.02.01:*:*:*:*:*:*:*
- HP » Officeconnect 1820 24g Switch J9980a FirmwareVersions from including (>=) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_24g_switch_j9980a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_24g_switch_j9980a_firmware:pt.02.01:*:*:*:*:*:*:*
- HP » Officeconnect 1820 48g Poe+ (370w) Switch J9984a FirmwareVersions from including (>=) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmware:pt.02.01:*:*:*:*:*:*:*
- HP » Officeconnect 1820 48g Switch J9981a FirmwareVersions from including (>=) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_48g_switch_j9981a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_48g_switch_j9981a_firmware:pt.02.01:*:*:*:*:*:*:*
- HP » Officeconnect 1820 8g Poe+ (65w) Switch J9982a FirmwareVersions from including (>=) pt.01.03 and up to, including, (<=) pt.01.14cpe:2.3:o:hp:officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmware:pt.02.01:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-5786
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-5786
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.8
|
3.6
|
NIST |
References for CVE-2017-5786
-
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05388948
HPESBHF03704 rev.1 - HPE OfficeConnect Network Switches, Local Unauthorized Data ModificationVendor Advisory
-
http://www.securityfocus.com/bid/96149
HP OfficeConnect Network Switches CVE-2017-5786 Local Security Bypass VulnerabilityThird Party Advisory;VDB Entry
Jump to