HPE Intelligent Management Center FileUploadServlet Directory Traversal
TSL ID TSL20170313-06
CVE ID(s) CVE-2017-5794
Severity Critical
Description

A directory traversal vulnerability has been reported in HPE Intelligent Management Center. The vulnerability is due to a lack of proper input sanitization on multipart form-data requests in FileUploadServlet.

A remote attacker can exploit this vulnerability by sending a maliciously crafted HTTP request. Successful exploitation could result in the execution of arbitrary code under the context of the SYSTEM user.

The vendor, HPE, has released the following advisory regarding this vulnerability:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us
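
A defender-side check for the condition described above, added here as an example and not taken from HPE or this advisory: it parses a multipart/form-data body and flags `Content-Disposition` parameter values that could resolve outside an upload directory. The advisory does not say which field carries the traversal, so inspecting both `name` and `filename` is an assumption, as are the function names and the constructed sample request.

```python
import re
from email import message_from_bytes
from email.utils import collapse_rfc2231_value
from urllib.parse import unquote

DRIVE = re.compile(r"^[A-Za-z]:")  # Windows drive prefix such as C:

def is_unsafe_name(value: str) -> bool:
    """True if a client-supplied name could resolve outside the upload directory."""
    v = unquote(value).replace("\\", "/")  # decode %2e%2e once, unify separators
    return ("\x00" in v or v.startswith("/") or bool(DRIVE.match(v))
            or ".." in v.split("/"))       # '..' as a whole path segment only

def scan_multipart(content_type: str, body: bytes) -> list:
    """Return (parameter, value) pairs from part headers that look unsafe."""
    # Prepend the request's Content-Type so the MIME parser can find the boundary.
    raw = (b"MIME-Version: 1.0\r\nContent-Type: "
           + content_type.encode("latin-1") + b"\r\n\r\n" + body)
    msg = message_from_bytes(raw)
    findings = []
    if not msg.is_multipart():
        return findings
    for part in msg.walk():                # walk() also covers nested multiparts
        for param in ("name", "filename"):
            value = part.get_param(param, header="content-disposition")
            if value is None:
                continue
            value = collapse_rfc2231_value(value)  # handles filename*= encoding
            if is_unsafe_name(value):
                findings.append((param, value))
    return findings

# Constructed sample request (not captured traffic).
SAMPLE_CT = "multipart/form-data; boundary=XBOUND"
SAMPLE_BODY = (
    b"--XBOUND\r\n"
    b'Content-Disposition: form-data; name="file"; '
    b'filename="../../outside/constructed.txt"\r\n'
    b"Content-Type: text/plain\r\n\r\n"
    b"data\r\n"
    b"--XBOUND\r\n"
    b'Content-Disposition: form-data; name="note"\r\n\r\n'
    b"hello\r\n"
    b"--XBOUND--\r\n"
)

if __name__ == "__main__":
    print(scan_multipart(SAMPLE_CT, SAMPLE_BODY))
```

The same `is_unsafe_name` test can be applied server-side before any uploaded name is joined to a storage path; it decodes percent-encoding only once, so input that is decoded again later in the request pipeline needs the check repeated after that step.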

Affected Products
  • HP Intelligent Management Center 7.2 E0403P06
CVSS Score Base 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is COMPLETE
  • Impact of this vulnerability on data integrity is COMPLETE
  • Impact of this vulnerability on data availability is COMPLETE
Temporal 7.4 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Identifiers
ZDI
References https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us
Related Threats TSL20170313-05 - HPE Intelligent Management Center UrlAccessController Authentication Bypass