virus logo Intrusion Prevention

HPE.IMC.devGroupSelect.Expression.Language.Injection

description-logoDescription

This indicates an attack attempt to exploit an Input Validation Error Vulnerability in HP Intelligent Management Center.
This vulnerability is due to insufficient handling of user supplied parameters in the vulnerable application. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the vulnerable server. Successful exploitation results in the execution of arbitrary code on the target system with privileges of SYSTEM user.

affected-products-logoAffected Products

HP Intelligent Management Center prior to 7.3 E0705P04

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.hpe.com/hpesc/public/docDisplay?docId=a00098608en_us

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-07-21 15.891 Default_action:pass:drop
2020-07-09 15.882
ID 49321
Created Jul 01, 2020
Updated Apr 12, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux
Affected App HP