CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2018-7076
https://notcve.org/view.php?id=CVE-2018-7076
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04. Se ha identificado una vulnerabilidad de ejecución remota de código en HPE Intelligent Management Center (iMC) en versiones anteriores a la PLAT 7.3 E0605P04. • https://exchange.xforce.ibmcloud.com/vulnerabilities/151693 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03901en_us • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 15%CPEs: 14EXPL: 0CVE-2018-7114 – Hewlett Packard Enterprise Intelligent Management Center dbman decryptMsgAes Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7114
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. HPE Intelligent Management Center (IMC) en versiones anteriores a IMC PLAT 7.3 (E0605P06) es vulnerable a un desbordamiento de búfer remoto en dbman que conduce a una ejecución de código. El problema se ha resuelto en IMC PLAT 7.3 E0605P06 o en versiones posteriores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. • http://www.securityfocus.com/bid/106211 http://www.securitytracker.com/id/1042182 https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-7102 – Hewlett Packard Enterprise Intelligent Management Center imciccdm createFabricAutoCfgFile Directory Traversal Arbitrary File Write Vulnerability
https://notcve.org/view.php?id=CVE-2018-7102
A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification. Podría explotarse remotamente una vulnerabilidad de seguridad en HPE Intelligent Management Center (iMC) PLAT E0506P09, en createFabricAutoCfgFile, mediante un salto de directorio para permitir la modificación de archivos arbitrarios. This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the imciccdm component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03887en_us • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2018-7092 – Hewlett Packard Enterprise Intelligent Management Center TFTP deleteBaseCfgfile Directory Traversal Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2018-7092
A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion. Se ha identificado una potencial vulnerabilidad de seguridad en HPE Intelligent Management Center (IMC Plat) 7.3 E0506P09. La vulnerabilidad podría explotarse remotamente para permitir el salto de directorio remoto que conduce a la eliminación de archivos arbitrarios. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. • http://www.securitytracker.com/id/1041412 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03872en_us • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7075
https://notcve.org/view.php?id=CVE-2018-7075
A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version. Se ha identificado una vulnerabilidad de Cross-Site Scripting (XSS) remoto en HPE Intelligent Management Center (iMC) PLAT en versiones 7.3 (E0506). La vulnerabilidad ha sido resuelta en Intelligent Management Center PLAT 7.3 E0605P04 o siguientes. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03863en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •