CVE-2017-5792 – Hewlett Packard Enterprise Intelligent Management Center RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-5792

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. Se ha encontrado una vulnerabilidad de ejecución remota de código en HPE Intelligent Management Center (iMC) PLAT 7.3 E0504P2. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the euplat RMI registry. The issue lies in the failure to properly validate user-supplied data which can result in deserialization of untrusted data. • https://www.exploit-db.com/exploits/43927 http://www.securityfocus.com/bid/96769 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03713en_us https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03815en_us https://www.tenable.com/security/research/tra-2017-18 https://www.tenable.com/security/research/tra-2018-01 • CWE-502: Deserialization of Untrusted Data •