CVE-2017-8958 : A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC)

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 and earlier was found.

Published 2018-02-15 22:29:08

Updated 2018-03-06 13:31:19

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2017-8958

HP » Intelligent Management Center
Versions up to, including, (<=) 7.3
cpe:2.3:a:hp:intelligent_management_center:*:*:*:*:*:*:*:*
Matching versions
HP » Intelligent Management Center » Version: 7.3 Update E0504p04
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p04:*:*:*:*:*:*
Matching versions

EPSS FAQ

3.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 85 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

http://www.securityfocus.com/bid/101202

HP Intelligent Management Center CVE-2017-8958 Remote Code Execution Vulnerability
Third Party Advisory;VDB Entry
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03786en_us

HPESBHF03786 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
Vendor Advisory

Jump to