Lucene search
+L
HpIntelligent Management Center

310 matches found

CVE
CVE
added 2018/02/15 10:0 p.m.414 views

CVE-2017-5816

CVE-2017-5816: A Remote Code Execution via HPE iMC PLAT 7.3 E0504P04 dbman RestartDB (opcode 10008) allows unauthenticated remote command execution due to improper validation of RestartDB input. The vulnerability affects the dbman component of HP iMC and can execute OS commands as SYSTEM over TCP...

10CVSS7.5AI score0.86466EPSS
CVE
CVE
added 2013/10/13 10:0 a.m.162 views

CVE-2013-4822

CVE-2013-4822 affects HP Intelligent Management Center (iMC) Branch Intelligent Management System (BIMS) UploadServlet. The vulnerability is described as an unauthenticated file-upload vulnerability in the BIMS module, enabling remote attackers to upload arbitrary files and potentially execute ar...

10CVSS7.7AI score0.62617EPSS
Web
CVE
CVE
added 2013/03/09 11:1 a.m.154 views

CVE-2012-5208

CVE-2012-5208 affects HP Intelligent Management Center (iMC) and iMC for ANM prior to 5.2 E0401. The connected sources identify this as an information-disclosure vulnerability (remote, via unknown vectors per ZDI-1615) that could allow an attacker to obtain sensitive information. The issue is emb...

7.5CVSS6.8AI score0.02485EPSS
CVE
CVE
added 2013/03/09 11:1 a.m.146 views

CVE-2012-5201

HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) prior to 5.2 E0401 are affected by an unspecified remote code execution vulnerability (CVE-2012-5201). Multiple connected sources indicate the flaw relates to the mibFileUpload component a...

10CVSS7.6AI score0.63744EPSS
Web
CVE
CVE
added 2013/10/13 10:0 a.m.145 views

CVE-2013-4824

HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module contain an authentication bypass in the AccountService RpcServiceServlet (CVE-2013-4824). The vulnerability allows remote attackers to bypass authentication and can enable account creation/manipulation,...

7.5CVSS7AI score0.23927EPSS
CVE
CVE
added 2013/03/09 11:1 a.m.141 views

CVE-2012-5206

CVE-2012-5206 affects HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) prior to 5.2 E0401. The vulnerability enables remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors (ZDI-CAN...

7.5CVSS6.8AI score0.02485EPSS
CVE
CVE
added 2013/10/13 10:0 a.m.137 views

CVE-2013-4826

CVE-2013-4826 affects the HP Intelligent Management Center (iMC) SOM Module, specifically the FileDownloadServlet. An unauthenticated remote attacker can disclose arbitrary files due to a lack of authentication in the servlet, enabling information exposure (CVE-2013-4826; CVSSv2 base 5.0). A Meta...

5CVSS6.2AI score0.31556EPSS
CVE
CVE
added 2013/03/09 11:1 a.m.136 views

CVE-2012-5204

CVE-2012-5204 affects HP Intelligent Management Center (iMC) and related ANM modules. The connected documentation confirms a directory traversal in the IctDownloadServlet that enables an unauthenticated attacker to retrieve arbitrary files with SYSTEM privileges, leading to information disclosure...

7.5CVSS6.8AI score0.18464EPSS
CVE
CVE
added 2019/06/05 2:8 p.m.134 views

CVE-2019-5392

CVE-2019-5392 affects HPE Intelligent Management Center (IMC) PLAT releases prior to 7.3 E0506P09. The issue is an information-disclosure vulnerability in the dbman component (command 10001), where improper validation allows an unauthenticated remote attacker to view potentially sensitive informa...

5.3CVSS5AI score0.07103EPSS
CVE
CVE
added 2013/03/09 11:1 a.m.129 views

CVE-2012-5202

CVE-2012-5202 is an information disclosure vulnerability in HP Intelligent Management Center (iMC) and ANM/FaultDownloadServlet prior to 5.2 E0401. The issue arises from a directory traversal vulnerability that, per the Metasploit module, allows unauthenticated attackers to access arbitrary files...

7.5CVSS6.8AI score0.21014EPSS
CVE
CVE
added 2019/06/05 2:56 p.m.105 views

CVE-2019-5391

CVE-2019-5391 is a stack-based buffer overflow vulnerability in HPE Intelligent Management Center (IMC) Platform, present in IMC PLAT versions earlier than 7.3 E0506P09. Multiple connected sources (including Red Hat, CNVD, CVE records) describe it consistently as a stack overflow issue affecting ...

10CVSS9.6AI score0.02667EPSS
CVE
CVE
added 2019/06/05 2:55 p.m.104 views

CVE-2019-5390

CVE-2019-5390 is a remote command injection vulnerability in HPE Intelligent Management Center (IMC) PLAT prior to version 7.3 E0506P09. The issue affects the iMC/dbman components and allows an unauthenticated, network‑based attacker to execute arbitrary commands on the remote host. Impact is des...

10CVSS9.6AI score0.04359EPSS
CVE
CVE
added 2019/06/05 2:53 p.m.103 views

CVE-2019-5385

Summary (CVE-2019-5385) : A remote code execution vulnerability exists in HPE Intelligent Management Center (IMC) PLAT older than 7.3 E0506P09. The issue is an Expression Language injection in the perfSelectTask endpoint, due to insufficient validation of the beanName parameter. Exploitation can ...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.99 views

CVE-2017-12561

CVE-2017-12561 is a remote code execution flaw in HP/HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P4 and earlier. The ZDI advisory details a use-after-free in the dbman service (listening on TCP port 2810) where a crafted opcode 10012 message can reuse a freed pointer to execute arbitrar...

10CVSS9.7AI score0.31112EPSS
CVE
CVE
added 2019/06/05 3:7 p.m.98 views

CVE-2019-11953

CVE-2019-11953 affects Hewlett Packard Enterprise Intelligent Management Center (IMC) Platform prior to 7.3 E0506P09. The root cause is improper handling/validation of the beanName parameter in the smsRulesDownload.xhtml endpoint, allowing an attacker to cause remote code execution. Some sources ...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:9 p.m.97 views

CVE-2019-11957

CVE-2019-11957 affects HPE Intelligent Management Center (IMC) PLAT earlier than 7.3 E0506P09. The vulnerability is described as remote code execution. Several connected sources reiterate IMC versions prior to 7.3 E0506P09, with Red Hat and CNVD entries additionally noting a stack buffer overflow...

9.3CVSS8.3AI score0.05163EPSS
CVE
CVE
added 2019/06/05 2:55 p.m.95 views

CVE-2019-5389

CVE-2019-5389 affects Hewlett Packard Enterprise Intelligent Management Center (IMC) PLAT prior to 7.3 E0506P09. The root cause is an expression-language injection in IMC that can lead to remote code execution. ZDI notes that authentication is required to exploit, but the authentication mechanism...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:9 p.m.94 views

CVE-2019-11958

CVE-2019-11958 affects Hewlett Packard Enterprise Intelligent Management Center (IMC) Platform versions prior to 7.3 E0506P09. The connected sources describe a remote code execution vulnerability in the IMC operatorGroupSelectContent Expression Language. The root cause is improper handling/valida...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:14 p.m.94 views

CVE-2019-11962

HPE Intelligent Management Center (IMC) PLAT contains a remote code execution vulnerability in the selectUserGroup expression language handling. Affected: IMC PLAT versions earlier than 7.3 E0506P09. Root cause: expression-language injection in selectUserGroup.xhtml. Impact: remote code execution...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:21 p.m.94 views

CVE-2019-11985

CVE-2019-11985 affects HPE Intelligent Management Center (IMC) PLAT prior to 7.3 E0506P09. A remote attacker can trigger code execution via the beanName parameter handled by choosePerfView.xhtml due to improper validation. Documents indicate network-exposed remote code execution with possible aut...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.93 views

CVE-2017-12500

CVE-2017-12500 is a remote, unauthenticated RCE in HPE iMC PLAT 7.3 (E0504) via EL Injection (beanName parameter and related pages). Exploitation leads to arbitrary code execution; patched in PLAT v7.3 (E0506) or later (per NVD entry and corroborating exploit references).

9CVSS8.8AI score0.14999EPSS
CVE
CVE
added 2019/06/05 3:20 p.m.93 views

CVE-2019-11986

Summary: CVE-2019-11986 affects Hewlett Packard Enterprise Intelligent Management Center (IMC) PLAT prior to version 7.3 E0506P09. A flaw in the GWT perfSelItemServer expression language allows an attacker to trigger remote code execution. The root cause is an injection in the expression evaluati...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 2:53 p.m.93 views

CVE-2019-5386

CVE-2019-5386 affects HPE Intelligent Management Center (IMC) PLAT versions earlier than 7.3 E0506P09. The connected advisories describe a remote code execution vulnerability arising from incorrect handling of the beanName parameter in the Expression Language injection path, specifically involvin...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:14 p.m.90 views

CVE-2019-11961

Affected software: HPE Intelligent Management Center (IMC) PLAT, prior to 7.3 E0506P09. Vulnerability: Remote code execution via templateSelect expression language injection, enabling code execution in the context of SYSTEM. Root cause / vector: Handling of templateSelect.xhtml beanName parameter...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 2:47 p.m.90 views

CVE-2019-5373

CVE-2019-5373 affects Hewlett Packard Enterprise Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09 . The root cause is improper handling/validation of the beanName parameter in the IMC web components (notably related to CustomTemplateSelectBean/bean handling in customTemp...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2020/10/19 5:34 p.m.90 views

CVE-2020-24646

HPE Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07) is affected by CVE-2020-24646. The vulnerability is a stack-based buffer overflow in the tftpserver component that allows remote code execution. The root cause is improper validation of the length of user-supplied data prior to co...

10CVSS9.9AI score0.07013EPSS
CVE
CVE
added 2019/06/05 3:7 p.m.89 views

CVE-2019-11954

CVE-2019-11954 is a remote code execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center (IMC) PLAT prior to 7.3 E0506P09. The root cause is improper validation of the beanName parameter in the operationSelect.xhtml endpoint, allowing an attacker to execute code in the ...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 3:13 p.m.89 views

CVE-2019-11960

HPE Intelligent Management Center (IMC) PLAT, affected in versions earlier than 7.3 E0506P09, is vulnerable to a remote code execution through select expression language injection. The root cause involves improper handling of the beanName parameter in the select.xhtml endpoint, enabling an attack...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2020/10/19 5:39 p.m.89 views

CVE-2020-7160

CVE-2020-7160 affects Hewlett Packard Enterprise Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07). The issue is a iccSelectDeviceSeries expression language injection in the iccSelectDeviceSeries.xhtml endpoint, allowing remote code execution. The vulnerability can execute code with ...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:46 p.m.89 views

CVE-2020-7192

HPE Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07) is affected. The vulnerability is in the deviceThresholdConfig expression language handling (beanName parameter), where improper input validation enables remote code execution in the context of SYSTEM. Public advisories (e.g., ZDI...

9CVSS9AI score0.03353EPSS
CVE
CVE
added 2019/06/05 3:28 p.m.88 views

CVE-2019-11980

HPE Intelligent Management Center (IMC) Platform vulnerable in releases older than 7.3 E0506P09. The issue resides in SSHParameterResource addSSHParameterKeyFile handling, enabling remote code execution. Exploitation requires authentication, but the existing mechanism can be bypassed according to...

9CVSS8.8AI score0.01543EPSS
CVE
CVE
added 2020/10/19 5:34 p.m.88 views

CVE-2020-24630

The CVE-2020-24630 issue affects Hewlett Packard Enterprise Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07). The ZDI advisory describes a privilege-escalation flaw in the operatorOnlineList_content.xhtml/operatorOnlineList_contentOnly.xhtml endpoints, where sensitive admin-level ...

9CVSS8.8AI score0.01804EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.86 views

CVE-2017-5792

CVE-2017-5792 affects HPE Intelligent Management Center (iMC) PLAT v7.3 E0504P2. The issue is a Java deserialization flaw in the euplat RMI registry that allows unauthenticated remote code execution via specially crafted serialized data, leveraging CommonsBeanutils. Public references (Exploit DB,...

9.8CVSS9.6AI score0.34882EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.86 views

CVE-2017-5817

HPE iMC PLAT 7.3 E0504P04 contains a Remote Code Execution via the dbman RestoreDBase opcode 10007. The vulnerability arises from improper validation of user-supplied input in RestoreDBase handling, allowing unauthenticated remote attackers to inject commands and execute arbitrary OS commands wit...

10CVSS7.6AI score0.82877EPSS
CVE
CVE
added 2020/10/19 5:38 p.m.86 views

CVE-2020-7156

HPE iMC (Intelligent Management Center)

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:42 p.m.86 views

CVE-2020-7167

The CVE-2020-7167 issue affects Hewlett Packard Enterprise’s Intelligent Management Center (iMC) prior to version 7.3 (E0705P07). The vulnerability is a quickTemplateSelect expression language injection that leads to remote code execution. Affected component is the iMC web interface handling the ...

10CVSS9.8AI score0.06895EPSS
CVE
CVE
added 2019/06/05 2:54 p.m.85 views

CVE-2019-5387

CVE-2019-5387 describes a remote code execution in HPE Intelligent Management Center (IMC) PLAT older than 7.3 E0506P09 . Connected advisories confirm the vulnerability stems from an expression-language/beanName handling flaw (navigationTo expression language injection) that allows an attacker to...

10CVSS9.7AI score0.08107EPSS
CVE
CVE
added 2019/06/05 2:55 p.m.85 views

CVE-2019-5388

HPE Intelligent Management Center (IMC) PLAT is affected by CVE-2019-5388 in versions earlier than 7.3 E0506P09. The published reports describe a remote code execution vulnerability stemming from an expression language injection in IMC’s handling of the evaluation context (notably the passBeanNam...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2011/05/13 5:0 p.m.84 views

CVE-2011-1851

CVE-2011-1851 affects HP Intelligent Management Center (IMC) 5.0 before E0101L02. The vulnerability is a stack-based buffer overflow in the tftpserver.exe component triggered by a long mode field in received TFTP packets, enabling remote code execution in the security context of the service. Red ...

10CVSS8AI score0.12855EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.84 views

CVE-2017-12489

CVE-2017-12489 is a remote code execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT, affecting PLAT 7.3 (E0504). The issue is exploitable remotely over the network with low attack complexity and no user interaction, potentially compromising confidentiali...

9CVSS8.9AI score0.0572EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.84 views

CVE-2017-12557

CVE-2017-12557 is an RCE in Hewlett Packard Enterprise HP iMC (HPE iMC) WebDMDebugServlet. Public records identify the vulnerability as insecure/deserialization that can be triggered remotely (no authentication) via standard ports (8080/8443), affecting iMC Plat 7.3 E0504P2 and earlier. Exploitat...

10CVSS9.6AI score0.80119EPSS
Web
CVE
CVE
added 2020/10/19 5:43 p.m.84 views

CVE-2020-7169

Affected product : HPE Intelligent Management Center (iMC). Vulnerability class : ictExpertCSVDownload expression language injection leading to remote code execution. Root cause : improper handling of the beanName parameter in ictExpertCSVDownload.xhtml, allowing crafted input to be evaluated as ...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:36 p.m.81 views

CVE-2020-7141

Vulnerability: HPE Intelligent Management Center (iMC) prior to 7.3 (E0705P07) is affected by a remote code execution through adddevicetoview Expression Language Injection. Root cause (per ZDI): improper handling/validation of the beanName parameter in addDeviceToView.xhtml, enabling arbitrary co...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:39 p.m.81 views

CVE-2020-7161

CVE-2020-7161 affects Hewlett Packard Enterprise Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07). Multiple connected sources corroborate a reportTaskSelect expression language injection in iMC that enables remote code execution. The Red Hat, CNVD, NVD and ZDI entries describe the...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:42 p.m.81 views

CVE-2020-7166

CVE-2020-7166 affects Hewlett Packard Enterprise Intelligent Management Center (iMC) prior to version 7.3 (E0705P07). The issue is a remote code execution vulnerability caused by operatorGroupTreeSelectContent expression language injection, triggered via the beanName handling in operatorGroupTree...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:46 p.m.81 views

CVE-2020-7190

CVE-2020-7190 : In HPE Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07), a deviceselect expression language injection allows remote code execution. The flaw stems from handling of the beanName parameter in deviceSelect.xhtml, enabling an attacker to run arbitrary code with SYSTEM ...

9CVSS9AI score0.03353EPSS
CVE
CVE
added 2019/06/05 2:17 p.m.80 views

CVE-2019-5349

CVE-2019-5349 is a remote code execution in HPE Intelligent Management Center (IMC) PLAT, affecting IMC up to and including 7.3 E0506P09. Connected sources describe a TopoDebugServlet expression language injection that can lead to remote code execution, with exploitation details indicating that a...

9CVSS9AI score0.0364EPSS
CVE
CVE
added 2019/06/05 2:10 p.m.79 views

CVE-2018-7123

CVE-2018-7123 is a remote denial-of-service vulnerability in HPE Intelligent Management Center (IMC) PLAT prior to version 7.3 E0506P09 . Multiple sources describe an unauthenticated remote DoS triggered via dbman/related commands (e.g., a crafted 10014 request), potentially causing the affected ...

7.8CVSS7.4AI score0.57691EPSS
CVE
CVE
added 2020/10/19 5:38 p.m.79 views

CVE-2020-7151

HPE Intelligent Management Center (iMC) before PLAT 7.3 E0705P07 is affected by a faulttrapgroupselect expression language injection that leads to remote code execution. The vulnerability stems from improper handling of the beanName parameter in faultTrapGroupSelect.xhtml, allowing an attacker to...

10CVSS9.8AI score0.06994EPSS
CVE
CVE
added 2020/10/19 5:38 p.m.79 views

CVE-2020-7154

CVE-2020-7154 affects HPE Intelligent Management Center (iMC) prior to 7.3 (PLAT E0705P07). The root cause is an expression language injection in the ifViewSelectPage.xhtml handling of the beanName parameter, allowing an attacker to execute arbitrary code on affected installations. Public sources...

10CVSS9.8AI score0.06895EPSS
Total number of security vulnerabilities310