Japan Vulnerability NotesJVN:12969207JVN#12969207: HPE Agentless Management registers unquoted service paths
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%
HP Agentless Management provided by Hewlett Packard Enterprise registers some Windows services with unquoted file paths (CWE-428).
Impact
When a registered Windows service path contains spaces and is unquoted, and a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service.
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
Products Affected
- HPE Agentless Management Service for Windows x64 - versions prior to 1.44.0.0
- HPE ProLiant Agentless Management Service for HPE Apollo, ProLiant and Synergy Gen9 servers - versions prior to 10.96.0.0
Related
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%