Lucene search
SAINT CorporationSAINT:5D4A5CA78683147DA0AA35CA083AD365HistoryDec 14, 2017 - 12:00 a.m.
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-1400:00:00
SAINT Corporation
download.saintcorporation.com
555
0.966 High
EPSS
Percentile
99.6%
Added: 12/14/2017
CVE: CVE-2017-5816
BID: 98469
Background
HP Intelligent Management Center (IMC), also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities.
Problem
A remote, unauthenticated attacker could execute arbitrary commands by injecting them into an opcode 10008 request to the dbman service.
Resolution
See HPESBHF03745 for fix information.
References
<http://www.zerodayinitiative.com/advisories/ZDI-17-340/>
<https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us>
Limitations
Exploit works on iMC PLAT v7.2 (E0403) Standard running on Windows.
Platforms
Windows
Related
zdt
zdt
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution Exploit
2018-01-10 00:00:00
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
2017-12-02 00:00:00
checkpoint_advisories
checkpoint_advisories
canvas
canvas
Immunity Canvas: HP_IMC_RCE
2018-02-15 22:29:00
cvelist
cvelist
CVE-2017-5816
2017-07-21 00:00:00
cve
cve
CVE-2017-5816
2018-02-15 22:29:06
saint
saint
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-14 00:00:00
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-14 00:00:00
zdi
zdi
packetstorm
packetstorm
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution
2018-01-10 00:00:00
HP iMC Plat 7.2 Remote Code Execution
2017-12-02 00:00:00
exploitpack
exploitpack
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-11-29 00:00:00
nvd
nvd
CVE-2017-5816
2018-02-15 22:29:06
nessus
nessus
prion
prion
Remote code execution
2018-02-15 22:29:00
exploitdb
exploitdb
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-11-29 00:00:00