Bird_banner_small4
HPE Intelligent Management Center dbman FileTrans Arbitrary File Write
TSL ID TSL20170515-06
CVE ID(s) CVE-2017-5822
Severity Critical
Description

An arbitrary file write vulnerability has been reported in the dbman component of HPE Intelligent Management Center. The vulnerability is due to lack of authentication on FileTrans commands, used to transfer files to the host running dbman.

A remote, unauthenticated attacker can exploit the vulnerability by sending a maliciously crafted packet to the target server. Successful exploitation could result in an arbitrary file write, which could lead to remote code execution on the target server in the context of SYSTEM or root.

The vendor, HPE, has released the following advisory regarding the vulnerability:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us

Affected Products
  • HP Intelligent Management Center prior to 7.3 E0504P04
CVSS Score Base 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is COMPLETE
  • Impact of this vulnerability on data integrity is COMPLETE
  • Impact of this vulnerability on data availability is COMPLETE
Temporal 7.4 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Identifiers
ZDI
References https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us
Related Threats