Privilege escalation in HPE iMC PLAT - CVE-2017-8984
Published: January 29, 2018
Vulnerability identifier: #VU10320
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-8984
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: HPE
Affected software:
HPE iMC PLAT
HPE iMC PLAT
Detailed vulnerability description
The vulnerability allows a remote attacker to gain elevated privileges on the target system.
The weakness exists in HPE Intelligent Management Center (iMC) PLAT due to unspecified flaws. A remote attacker can execute arbitrary commands, write or delete arbitrary files with SYSTEM or root privileges.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in HPE Intelligent Management Center (iMC) PLAT due to unspecified flaws. A remote attacker can execute arbitrary commands, write or delete arbitrary files with SYSTEM or root privileges.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2017-8984
Update to version 7.3 E0506P07.