Lucene search
SztiviZDI-17-340HistoryMay 15, 2017 - 12:00 a.m.
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10008 Command Injection Remote Code Execution Vulnerability
2017-05-1500:00:00
sztivi
www.zerodayinitiative.com
15
0.966 High
EPSS
Percentile
99.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port 2810 by default . The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute arbitrary code under the context of SYSTEM.
Related
checkpoint_advisories
checkpoint_advisories
zdt
zdt
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution Exploit
2018-01-10 00:00:00
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
2017-12-02 00:00:00
canvas
canvas
Immunity Canvas: HP_IMC_RCE
2018-02-15 22:29:00
cvelist
cvelist
CVE-2017-5816
2017-07-21 00:00:00
cve
cve
CVE-2017-5816
2018-02-15 22:29:06
saint
saint
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-14 00:00:00
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-14 00:00:00
HP Intelligent Management Center dbman opcode 10008 command injection
2017-12-14 00:00:00
packetstorm
packetstorm
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution
2018-01-10 00:00:00
HP iMC Plat 7.2 Remote Code Execution
2017-12-02 00:00:00
exploitpack
exploitpack
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-11-29 00:00:00
nvd
nvd
CVE-2017-5816
2018-02-15 22:29:06
nessus
nessus
prion
prion
Remote code execution
2018-02-15 22:29:00
exploitdb
exploitdb
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-11-29 00:00:00