CVE-2017-8963
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 20:52
Severity ?
EPSS score ?
Summary
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
References
▼ | URL | Tags | |
---|---|---|---|
security-alert@hpe.com | http://www.securitytracker.com/id/1039684 | Third Party Advisory, VDB Entry | |
security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Hewlett Packard Enterprise | Intelligent Management Center (iMC) PLAT |
Version: 7.3 E0504P2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:55:21.528Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" }, { "name": "1039684", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039684" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Intelligent Management Center (iMC) PLAT", "vendor": "Hewlett Packard Enterprise", "versions": [ { "status": "affected", "version": "7.3 E0504P2" } ] } ], "datePublic": "2017-10-27T00:00:00", "descriptions": [ { "lang": "en", "value": "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found." } ], "problemTypes": [ { "descriptions": [ { "description": "Deserialization of Untrusted Data", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-16T10:57:01", "orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" }, { "name": "1039684", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039684" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-alert@hpe.com", "DATE_PUBLIC": "2017-10-27T00:00:00", "ID": "CVE-2017-8963", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intelligent Management Center (iMC) PLAT", "version": { "version_data": [ { "version_value": "7.3 E0504P2" } ] } } ] }, "vendor_name": "Hewlett Packard Enterprise" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" }, { "name": "1039684", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039684" } ] } } } }, "cveMetadata": { "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "assignerShortName": "hpe", "cveId": "CVE-2017-8963", "datePublished": "2018-02-15T22:00:00Z", "dateReserved": "2017-05-15T00:00:00", "dateUpdated": "2024-09-16T20:52:09.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-8963\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2018-02-15T22:29:08.560\",\"lastModified\":\"2018-02-24T18:53:16.553\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en SAP internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49 y 7.53 podr\u00eda permitir que un usuario malicioso almacene gr\u00e1ficos en un \u00e1rea controlada y, por lo tanto, obtenga informaci\u00f3n del \u00e1rea del sistema que no estar\u00eda disponible al usuario de otra forma.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.0},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p02:*:*:*:*:*:*\",\"matchCriteriaId\":\"16728216-DDCF-4842-9C7F-02FE7E055E70\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1039684\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.