HTTP: HPE Intelligent Management Center PLAT flexFileUpload Arbitrary File Upload
An arbitrary file upload vulnerability exists in HPE Intelligent Management Center PLAT. A remote authenticated attacker could exploit this vulnerability by sending a crafted packet to a vulnerable server. Successful exploitation could lead to arbitrary code execution in the context of SYSTEM or root.
Extended Description
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
Affected Products
Hp intelligent_management_center
Short Name
HTTP:MISC:HPE-FLEXFILEUPLOAD
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2017-8961 Center File HPE Intelligent Management PLAT Upload flexFileUpload
Release Date
11/23/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Hp
CVSS Score
9.0