CVE-2013-4826
published 2013-10-13CVE-2013-4826: Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain…
PriorityP340medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
31.56%
98.1th percentile
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated HTTP requests targeting the FileDownloadServlet endpoint in HP iMC SOM component, which allows arbitrary file download with SYSTEM privileges without authentication. ↗
- →Monitor for remote unauthenticated access to HP iMC SOM FileDownloadServlet; exploitation does not require credentials and can be performed by any remote attacker. ↗
- ·The vulnerability affects both HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module; both products should be assessed. ↗
- ·Exploitation was confirmed on Windows 2003 SP2; behavior on other OS platforms may differ. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2013-10-13
Published