Improper input validation in HP Intelligent Management Center - CVE-2017-5822
Published: May 26, 2017
Vulnerability identifier: #VU6783
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-5822
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Hewlett Packard Enterprise Development LP
Affected software:
HP Intelligent Management Center
HP Intelligent Management Center
Detailed vulnerability description
The vulnerability allows a remote attacker to modify important information.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send specially crafted data to TCP port 2810, gain access to user and system data and change it.
Successful exploitation of the vulnerability may result in modification of information.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send specially crafted data to TCP port 2810, gain access to user and system data and change it.
Successful exploitation of the vulnerability may result in modification of information.
How to mitigate CVE-2017-5822
Update to version 7.3 E0504P04.