Authentication Flaw in HPE BSM Platform Application Performance Management System
CVE-2017-13983

9.8CRITICAL

Key Information:

Vendor
HP
Status
Bsm Platform Application Performance Management System Health
Vendor
CVE Published:
30 September 2017

Summary

The HPE BSM Platform Application Performance Management System is susceptible to an authentication vulnerability that enables remote users to bypass standard authentication protocols. This flaw affects product versions 9.26, 9.30, and 9.40, potentially allowing unauthorized access to sensitive data and system functionalities. Immediate action is advised to mitigate risks associated with this vulnerability.

References

https://softwaresupport.hpe.com/km/KM02942065
x_refsource_CONFIRM
https://www.auscert.org.au/bulletins/52154
third-party-advisoryx_refsource_AUSCERT
http://www.zerodayinitiative.com/advisories/ZDI-17-722/
x_refsource_MISC

EPSS Score

20% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.