Intrusion Prevention

HPE.IMC.dbman.decryptMsgAes.Stack.Buffer.Overflow

Description

This indicates an attack attempt against a Stack Buffer Overflow vulnerability in HPE Intelligent Management Center.
A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously long command to the target server. Successful exploitation could result in remote code execution on the target server in the context of SYSTEM or root.

Affected Products

HP Intelligent Management Center prior to 7.3 E0605P06

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us

CVE References

CVE-2018-7114