CVE-2017-5817

CRITICAL

HP Intelligent Management Center < 7.3 - Improper Input Validation

Title source: rule

Description

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/43492
exploitdb WORKING POC VERIFIED
by Chris Lyne · pythonremotewindows
https://www.exploit-db.com/exploits/43195
metasploit WORKING POC EXCELLENT
by sztivi, Chris Lyne, bcoles · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_imc_dbman_restoredbase_unauth_rce.rb

References (4)

Scores

CVSS v3 9.8
EPSS 0.8255
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-20
Status published

Affected Products (4)

hp/intelligent_management_center < 7.3
hp/intelligent_management_center
hp/intelligent_management_center
hp/intelligent_management_center

Timeline

Published Feb 15, 2018
Tracked Since Feb 18, 2026