HTTP: HPE Intelligent Management Center ictExpertDownload Expression Language Injection

This signature detects attempts to exploit a known vulnerability against HPE Intelligent Management Center. The vulnerability is due to insufficient handling of the beanName request parameter on ictExpertDownload.xhtml. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server. Successful exploitation results in the execution of arbitrary code under the security context of the SYSTEM user.

Extended Description

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.

Affected Products

Hp intelligent_management_center

Short Name
HTTP:HPE-INT-MGMT-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-12500 Center Expression HPE Injection Intelligent Language Management ictExpertDownload
Release Date
01/18/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Hp

CVSS Score

9.0

Found a potential security threat?