Remote Code Execution Vulnerability in HPE OpenCall Media Platform
CVE-2017-5798

6.1MEDIUM

Key Information:

Vendor: HP
Status: Opencall Media Platform (ocmp)
Vendor: CVE Published:; 20 March 2017

🔔 Create HP Vulnerability Alert

What is CVE-2017-5798?

A Remote Code Execution vulnerability was discovered in HPE OpenCall Media Platform (OCMP), which allows attackers to execute arbitrary code on the affected systems. This vulnerability targets OCMP versions prior to 3.4.2 RP201 for the 3.x series and all versions prior to 4.4.7 RP702 for the 4.x series. The exploitation of this vulnerability could lead to severe consequences, including full system compromise.

Affected Version(s)

OpenCall Media Platform (OCMP) prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x)

References

https://www.exploit-db.com/exploits/41927/

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/98013

vdb-entryx_refsource_BID

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2017
Vulnerability Reserved
Feb 1, 2017

.