SB2017100402 - Multiple vulnerabilities in HP Intelligent Management Center

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Deserialization of untrusted data (CVE-ID: CVE-2017-12556)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a deserialization flaw in MibBrowserTopoFilterServlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 and execute arbitrary code with System privileges.

Successful exploitation of the vulnerability may result in system compromise.

2) Deserialization of untrusted data (CVE-ID: CVE-2017-12557)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a deserialization flaw in WebDMDebugServlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 and execute arbitrary code with System privileges.

Successful exploitation of the vulnerability may result in system compromise.

3) Deserialization of untrusted data (CVE-ID: CVE-2017-12558)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a deserialization flaw in WebDMServlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 and execute arbitrary code with System privileges.

Successful exploitation of the vulnerability may result in system compromise.

4) Improper input validation (CVE-ID: CVE-2017-12559)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to input validation flaw in the mibFileServlet servlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 to delete arbitrary files and cause the application to crash.

5) Improper input validation (CVE-ID: CVE-2017-12560)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to input validation flaw in the mibFileServlet servlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 to delete arbitrary directories and cause the application to crash.

6) Use-after-free error (CVE-ID: CVE-2017-12561)

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the mibFileServlet servlet. A remote attacker can send specially crafted data to the dbman service on TCP port 2810 to delete arbitrary files and execute arbitrary code with System privileges.

Successful exploitation of the vulnerability may result in system compromise.

7) Improper input validation (CVE-ID: CVE-2017-12554)

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists due to input validation flaw in the mibFileServlet servlet. A remote attacker can send specially crafted data to TCP port 8080 or 8443 to rename arbitrary files and execute arbitrary code with System privileges.

Successful exploitation of the vulnerability may result in system compromise.

8) Improper input validation (CVE-ID: CVE-2017-12555)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input validation error in HPE Intelligent Management Center (iMC) Service Operation Management (SOM). A remote attacker can send a specially crafted request to read arbitrary data or download arbitrary files.

Remediation

Install update from vendor's website.

References

• http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03778en_us
• https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03777en_us
• https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03781en_us
• https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03782en_us
• http://h20565.www2.hpe.com/hpsc/doc/public/display?docId=hpesbhf03776en_us