Description
A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101251
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2017-32
Vendor Advisory x_refsource_confirm
https://softwaresupport.hpe.com/km/KM02977984
Various Sources third-party-advisory
x_refsource_auscert
https://www.auscert.org.au/bulletins/53150
Scores
CVSS v3
8.8
EPSS
0.0136
EPSS Percentile
80.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (9)
hp/ucmdb_foundation_software
10.10
hp/ucmdb_foundation_software
10.11
hp/ucmdb_foundation_software
10.20
hp/ucmdb_foundation_software
10.21
hp/ucmdb_foundation_software
10.22
hp/ucmdb_foundation_software
10.30
hp/ucmdb_foundation_software
10.31
hp/ucmdb_foundation_software
10.32
hp/ucmdb_foundation_software
10.33
Published
Oct 05, 2017
Tracked Since
Feb 18, 2026