CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2018-7092 – Hewlett Packard Enterprise Intelligent Management Center TFTP deleteBaseCfgfile Directory Traversal Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2018-7092
A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion. Se ha identificado una potencial vulnerabilidad de seguridad en HPE Intelligent Management Center (IMC Plat) 7.3 E0506P09. La vulnerabilidad podría explotarse remotamente para permitir el salto de directorio remoto que conduce a la eliminación de archivos arbitrarios. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. • http://www.securitytracker.com/id/1041412 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03872en_us • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7075
https://notcve.org/view.php?id=CVE-2018-7075
A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version. Se ha identificado una vulnerabilidad de Cross-Site Scripting (XSS) remoto en HPE Intelligent Management Center (iMC) PLAT en versiones 7.3 (E0506). La vulnerabilidad ha sido resuelta en Intelligent Management Center PLAT 7.3 E0605P04 o siguientes. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03863en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 63%CPEs: 1EXPL: 0CVE-2018-7074 – Hewlett Packard Enterprise Intelligent Management Center tftpserver getFileData Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7074
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version. Se ha identificado una vulnerabilidad de ejecución remota de código en HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. La vulnerabilidad ha sido resuelta en iMC PLAT 7.3 E0605P04 o siguientes. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. • http://www.securitytracker.com/id/1041354 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03864en_us •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2017-12539
https://notcve.org/view.php?id=CVE-2017-12539
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. Se ha encontrado una vulnerabilidad de ejecución remota de código en HPE Intelligent Management Center (iMC) PLAT versión PLAT 7.3 (E0504). El problema se ha resuelto en HPE Intelligent Management Center PLAT v7.3 (E0506) o en versiones posteriores. • http://www.securityfocus.com/bid/100367 http://www.securitytracker.com/id/1039152 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8530
https://notcve.org/view.php?id=CVE-2016-8530
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. Se ha encontrado una vulnerabilidad de denegación de servicio (DoS) remota en HPE iMC PLAT en versiones v7.2 E0403P06 y anteriores. El problema se ha resuelto en iMC PLAT 7.3 E0504 o en versiones posteriores. • https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418 https://www.tenable.com/security/research/tra-2017-09 • CWE-20: Improper Input Validation •