7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.948 High
EPSS
Percentile
99.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOM’s euAccountService servlet. No authentication is required to take advantage of this vulnerability, which allows the creation of a web administration account. An attacker can leverage this to manipulate other devices and users managed by the application and possibly leverage this situation to achieve remote code execution.