HPE Intelligent Management Center Service Operation Management Flaw

A vulnerability was reported in HPE Intelligent Management Center Service Operation Management. A remote user can obtain files on the target system.

A remote user can send a specially crafted request to download arbitrary files on the target system.

Tenable Inc. reported this vulnerability. Impact:   A remote user can obtain files on the target system.

Solution:   HPE has issued a fix (SOM 7.3 E0501P01).

RESOLUTION

HPE has made the following software updates to resolve the vulnerability in Intelligent Management Center Service Operation Management. The updates that address the vulnerability are in version 7.3 E0501P01.

  • iMC SOM – Version: Fixed in IMC SOM 7.3 E0501P01
    • HP Network Products
      • JG139A HPE IMC Service Operation Management Software Module License
      • JG139AAE HPE IMC Service Operation Management Software Module E-LTU

The HPE advisory is available at:

Vendor URL:  h20565.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03776en_us

CVE Reference:   CVE-2017-12555





Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this:

Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/systemte/public_html/wp-includes/functions.php on line 4339