Lucene search

[email protected]CVE-2018-7114

HistoryDec 03, 2018 - 3:29 p.m.

CVE-2018-7114

2018-12-0315:29:00

CWE-119

[email protected]

web.nvd.nist.gov

hpe

imc

plat 7.3

e0605p06

remote buffer overflow

vulnerability

code execution

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.225 Low

EPSS

Percentile

96.5%

JSON

HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.

Affected configurations

NVD

Node

hpintelligent_management_centerRange<7.3

hpintelligent_management_centerMatch7.3-

hpintelligent_management_centerMatch7.3e0503

hpintelligent_management_centerMatch7.3e0504

hpintelligent_management_centerMatch7.3e0504p02

hpintelligent_management_centerMatch7.3e0504p04

hpintelligent_management_centerMatch7.3e0506

hpintelligent_management_centerMatch7.3e0506p03

hpintelligent_management_centerMatch7.3e0506p07

hpintelligent_management_centerMatch7.3e0506p09

hpintelligent_management_centerMatch7.3e0605

hpintelligent_management_centerMatch7.3e0605h02

hpintelligent_management_centerMatch7.3e0605h05

hpintelligent_management_centerMatch7.3e0605p04

CPENameOperatorVersion
hp:intelligent_management_centerhp intelligent management centerlt7.3

CPE	Name	Operator	Version
hp:intelligent_management_center	hp intelligent management center	lt	7.3

CNA Affected

[
  {
    "product": "HPE Intelligent Management Center (IMC)",
    "vendor": "Hewlett Packard Enterprise",
    "versions": [
      {
        "status": "affected",
        "version": "prior to IMC PLAT 7.3 (E0605P06)"
      }
    ]
  }
]

References

www.securityfocus.com/bid/106211

www.securitytracker.com/id/1042182

support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

0.225 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2018-7114

cvelist1 zdi1 nvd1 checkpoint_advisories1 prion1 nessus1