CVE-2016-8530
published 2018-02-15CVE-2016-8530: A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or…
PriorityP272high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
48.68%
98.7th percentile
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hewlett_packard_enterprise | imc_plat | — | — |
| hp | intelligent_management_center | <= 7.2 | — |
| hp | intelligent_management_center | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerable endpoint is /rptviewer/servlets/redirectviewer — monitor for unexpected or malformed requests to this servlet path on HPE iMC PLAT systems. ↗
- →The DoS is triggered via a readObject call in RedirectServlet.java — look for deserialized Java object payloads (e.g., Apache Commons Collections gadget chains) sent to the redirectviewer endpoint. ↗
- →A FileInputStream is involved in the vulnerable code path — anomalous file read activity on the iMC server process following requests to the redirectviewer servlet may indicate exploitation. ↗
- →The parafile parameter in the redirectviewer servlet is also affected by a path traversal issue (CVE-2016-8525) — monitor for directory traversal sequences in the parafile parameter as a co-indicator of attacker activity on the same endpoint. ↗
- ·The PoC (dos_redirectViewer.py) and testing were performed on a Windows 7 installation of iMC PLAT 7.2 E0403P06 — detection logic may need adjustment for other OS deployments. ↗
- ·The vulnerability affects iMC PLAT v7.2 E0403P06 and earlier; iMC PLAT 7.3 E0504 is the fixed version — ensure version checks in detection rules scope to vulnerable versions only. ↗
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wcxf-qrvr-347p: A remote denial of service vulnerability in HPE iMC PLAT version v7
ghsa_unreviewed·2022-05-14
CVE-2016-8530 [HIGH] CWE-20 GHSA-wcxf-qrvr-347p: A remote denial of service vulnerability in HPE iMC PLAT version v7
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.
VulnCheck
HP intelligent_management_center Improper Input Validation
vulncheck·2016·CVSS 7.5
CVE-2016-8530 [HIGH] HP intelligent_management_center Improper Input Validation
HP intelligent_management_center Improper Input Validation
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.
Affected: HP intelligent_management_center
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://blog.checkpoint.com/security/december-2021s-most-wanted-malware-trickbot-emotet-and-the-log4j-plague/; https://blog.checkpoint.com/security/april-2022s-most-wanted-malware-a-shake-up-in-the-index-but-emotet-is-still-on-top/; https://blog.checkpoint.com/security/april-2024s-most-wanted-malware-surge-in-androxgh0st-attacks-and-the-de
No detection rules found.
No public exploits indexed.
2018-02-15
Published
Exploited in the wild