Vulnerability Details : CVE-2017-12557

Public exploit exists!
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
Published 2018-02-15 22:29:05
Updated 2019-03-08 18:25:17
Source Hewlett Packard Enterprise (HPE)
View at NVD,   CVE.org
Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2017-12557

Probability of exploitation activity in the next 30 days: 92.33%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2017-12557

  • HP Intelligent Management Java Deserialization RCE
    Disclosure Date: 2017-10-03
    First seen: 2020-04-26
    exploit/windows/http/hp_imc_java_deserialize
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebDMDebug

CVSS scores for CVE-2017-12557

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
10.0
 HIGH AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
 NIST
9.8
 CRITICAL CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
 NIST

CWE ids for CVE-2017-12557

References for CVE-2017-12557

Products affected by CVE-2017-12557

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close