Description
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Paolo Stagno · textwebappsmultiple
https://www.exploit-db.com/exploits/41927
References (3)
Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/41927/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98013
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03686en_us
Scores
CVSS v3
8.8
EPSS
0.1372
EPSS Percentile
94.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-74
Status
published
Products (1)
hp/opencall_media_platform
3.0.0 - 3.4.2
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026