Detections
Analytics
HPE Intelligent Management Center dbman Opcode 10008 Command Injection
critical Nessus Plugin ID 100870
Language:
Synopsis
A network management system running on the remote host is affected by a command injection vulnerability.Description
The HPE Intelligent Management Center (iMC) PLAT running on the remote host is affected by a command injection vulnerability in the dbman service due to improper validation of user-supplied input before passing it to a system call. An unauthenticated, remote attacker can exploit this, via a specially crafted opcode 10008 request, to inject and execute arbitrary OS commands with SYSTEM or root privileges.Note that the HP iMC dbman service running on the remote host is reportedly affected by additional vulnerabilities; however, Nessus has not tested for these.
Solution
Upgrade the HPE iMC version to 7.3 E0504P04 or later.See Also
Plugin Details
Severity: Critical
ID: 100870
File Name: hp_imc_dbman_cve-2017-5816.nbin
Version: 1.109
Type: remote
Family: Misc.
Published: 6/19/2017
Updated: 11/12/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2017-5816
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:hp:intelligent_management_center
Required KB Items: Host/OS, installed_sw/HP Intelligent Management Center Web Interface
Exploit Available: true
Exploit Ease: Exploits are available
Exploited by Nessus: true
Patch Publication Date: 5/11/2017
Vulnerability Publication Date: 5/11/2017
Exploitable With
CANVAS (CANVAS)
Metasploit (HPE iMC dbman RestartDB Unauthenticated RCE)
Reference Information
CVE: CVE-2017-5816
BID: 98469
HP: HPESBHF03745, emr_na-hpesbhf03745en_us
ZDI: ZDI-17-340