HTTP: HPE Intelligent Management Center userSelectPagingContent Expression Language Injection
This signature detects attempts to exploit a known vulnerability in HPE Intelligent Management Center. Successful exploitation results in the execution of arbitrary code under the security context of the SYSTEM user.
Extended Description
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
Affected Products
Hp intelligent_management_center
Short Name
HTTP:HPE-INT-MGMT-CTR-ELI
Severity
Critical
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-12521 Center Expression HPE Injection Intelligent Language Management userSelectPagingContent
Release Date
09/14/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Hp
CVSS Score
9.0