3 matches found
CVE-2017-5795
CVE-2017-5795 affects HPE Intelligent Management Center (IMC) PLAT 7.2 E0403P06. The vulnerability resides in FileDownloadServlet, where insufficient validation/sanitization of the fileName parameter allows directory traversal, enabling remote disclosure of arbitrary files. ZDI notes that exploit...
HPE Intelligent Management Center FileDownloadServlet fileName Directory Traversal (CVE-2017-5795)
A directory traversal vulnerability has been reported in HPE Intelligent Management Center. The vulnerability is due to a lack of proper input sanitization on the fileName parameter in FileDownloadServlet. A remote attacker can exploit this vulnerability by sending a maliciously crafted HTTP...
HPE Intelligent Management Center 7.2 E0403P06 Multiple Vulnerabilities
The version of HPE Intelligent Management Center IMC running on the remote host is version 7.2 E0403P06. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in UrlAccessController when handling URIs with the doFilter method. A remote attacker can exploit this, via a specially...