Remote Code Execution Risk in HPE Intelligent Management Center Wireless Services Manager Software
CVE-2018-7104

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Intelligent Management Center (imc) Wireless Services Manager Software
Vendor: CVE Published:; 27 September 2018

Summary

A vulnerability has been identified in HPE Intelligent Management Center Wireless Services Manager Software that allows for remote code execution. This risk impacts all versions prior to 7.3 E0506P02. Attackers could exploit this flaw, potentially gaining unauthorized access to system functionalities, leading to severe impacts on network security. Users are advised to update to the latest version to mitigate this security risk.

Affected Version(s)

HPE Intelligent Management Center (iMC) Wireless Services Manager Software Prior to IMC WSM 7.3 E0506P02

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 27, 2018
Vulnerability Reserved
Feb 15, 2018