cbcvebase.
CVE-2016-8530
published 2018-02-15

CVE-2016-8530: A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or…

PriorityP272high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
48.68%
98.7th percentile
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.

Affected

3 ranges
VendorProductVersion rangeFixed in
hewlett_packard_enterpriseimc_plat
hpintelligent_management_center<= 7.2
hpintelligent_management_center

Detection & IOCsextracted from sources · hover to see the quote

url/rptviewer/servlets/redirectviewer
filenamedos_redirectViewer.py
  • The vulnerable endpoint is /rptviewer/servlets/redirectviewer — monitor for unexpected or malformed requests to this servlet path on HPE iMC PLAT systems.
  • The DoS is triggered via a readObject call in RedirectServlet.java — look for deserialized Java object payloads (e.g., Apache Commons Collections gadget chains) sent to the redirectviewer endpoint.
  • A FileInputStream is involved in the vulnerable code path — anomalous file read activity on the iMC server process following requests to the redirectviewer servlet may indicate exploitation.
  • The parafile parameter in the redirectviewer servlet is also affected by a path traversal issue (CVE-2016-8525) — monitor for directory traversal sequences in the parafile parameter as a co-indicator of attacker activity on the same endpoint.
  • ·The PoC (dos_redirectViewer.py) and testing were performed on a Windows 7 installation of iMC PLAT 7.2 E0403P06 — detection logic may need adjustment for other OS deployments.
  • ·The vulnerability affects iMC PLAT v7.2 E0403P06 and earlier; iMC PLAT 7.3 E0504 is the fixed version — ensure version checks in detection rules scope to vulnerable versions only.

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.