| Vulnerability Name: | CVE-2017-12526 (CCN-130358) | ||||||||||||
| Assigned: | 2017-08-11 | ||||||||||||
| Published: | 2017-08-11 | ||||||||||||
| Updated: | 2018-02-23 | ||||||||||||
| Summary: | A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. | ||||||||||||
| CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-20 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2017-12526 Source: BID Type: Third Party Advisory, VDB Entry 100367 Source: CCN Type: BID-100367 HP Intelligent Management Center PLAT Multiple Remote Code Execution Vulnerabilities Source: SECTRACK Type: Third Party Advisory, VDB Entry 1039152 Source: XF Type: UNKNOWN hpe-cve201712526-code-exec(130358) Source: CONFIRM Type: Vendor Advisory https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us Source: CCN Type: ZDI-17-690 Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||