CVE-2013-4823

HP Intelligent Management Center and IMC Branch Intelligent Management System Software Module - Information Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4823. Includes Metasploit module auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in HP Intelligent Management Center's BIMS DownloadServlet to retrieve arbitrary files with SYSTEM privileges. It sends a crafted HTTP request to bypass authentication and access files outside the intended directory.

Description

Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.

Exploits (1)

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in HP Intelligent Management Center's BIMS DownloadServlet to retrieve arbitrary files with SYSTEM privileges. It sends a crafted HTTP request to bypass authentication and access files outside the intended directory.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: HP Intelligent Management Center 5.1 E0202 with BIMS 5.1 E0201

No auth needed

Prerequisites: Network access to the target system · HP IMC with BIMS component exposed on port 8080

MITRE ATT&CK

T1006 - Direct Volume Access T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_hp

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03943425

Scores

EPSS 0.3754

EPSS Percentile 98.3%

Details

Status published

Products (7)

hp/imc_branch_intelligent_management_system_software_module 5.0

hp/imc_branch_intelligent_management_system_software_module 5.1

hp/imc_branch_intelligent_management_system_software_module 5.2

hp/intelligent_management_center

hp/intelligent_management_center 5.0 (6 CPE variants)

hp/intelligent_management_center 5.1 (2 CPE variants)

hp/intelligent_management_center 5.2

Published Oct 13, 2013

Tracked Since Feb 18, 2026