CVE-2017-12500

HIGH

HP Intelligent Management Center - Improper Input Validation

Title source: rule

Description

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.

Exploits (1)

exploitdb WORKING POC

by TrendyTofu · rubyremotewindows

https://www.exploit-db.com/exploits/44648

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/100367

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1039152

[Vendor Advisory] https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44648/

Scores

CVSS v3 8.8

EPSS 0.0919

EPSS Percentile 92.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-20

Status published

Affected Products (1)

hp/intelligent_management_center

Timeline

Published Feb 15, 2018

Tracked Since Feb 18, 2026