Intrusion Prevention

HPE.IMC.dbman.Opcode.10007.Code.Injection

Description

This indicates an attack attempt to exploit a Code Injection vulnerability in HPE Intelligent Management Center.
The vulnerability is due to an error in dbman service when parsing user supplied data for opcode 10007. It may allow remote attackers to execute arbitrary code on vulnerable systems by sending a crafted client request.

Affected Products

HP Intelligent Management Center 7.3 E0504

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us

CVE References

CVE-2017-5817 CVE-2017-5819