CVE-2017-5792
CRITICALHP Intelligent Management Center - Insecure Deserialization
Title source: ruleDescription
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
Exploits (2)
nomisec
WORKING POC
1 stars
by scanfsec · poc
https://github.com/scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/43927/
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2017-18
Vendor Advisory x_refsource_confirm
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03713en_us
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96769
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2018-01
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03815en_us
Scores
CVSS v3
9.8
EPSS
0.8079
EPSS Percentile
99.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-502
Status
published
Products (1)
hp/intelligent_management_center
7.3 e0504p02
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026