CVE-2017-14351
CRITICALHP UCMDB Configuration Manager 10.10-10.23 - Remote Code Execution
Title source: llmDescription
A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow code execution.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://softwaresupport.hpe.com/km/KM02968622
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2017-32
Scores
CVSS v3
9.8
EPSS
0.0256
EPSS Percentile
85.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (6)
hp/ucmdb_configuration_manager
10.10
hp/ucmdb_configuration_manager
10.11
hp/ucmdb_configuration_manager
10.20
hp/ucmdb_configuration_manager
10.21
hp/ucmdb_configuration_manager
10.22
hp/ucmdb_configuration_manager
10.23
Published
Sep 30, 2017
Tracked Since
Feb 18, 2026