cbcvebase.
CVE-2017-12544
published 2018-02-15

CVE-2017-12544: A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

PriorityP432medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
EXPLOIT
EPSS
4.60%
90.5th percentile
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Affected

2 ranges
VendorProductVersion rangeFixed in
hewlett_packard_enterprisesystem_management_homepage_for_windows_and_linux
hpsystem_management_homepage< 7.6.17.6.1

Detection & IOCsextracted from sources · hover to see the quote

url/gsearch.php.en?prod=';prompt`document.domain`;//
  • Send a GET request to /gsearch.php.en with the `prod` parameter set to the XSS payload and check the response body for the reflected string `var prodName = '';prompt\`document.domain\`;//';` with HTTP 200 and Content-Type text/html.
  • Confirm exploitation by matching the reflected payload in the HTTP response body: `var prodName = '';prompt\`document.domain\`;//';`
  • Verify the response Content-Type header contains `text/html` and HTTP status is 200 to confirm the vulnerable endpoint is active.
  • ·Vulnerability affects HPE System Management Homepage for Windows and Linux versions prior to v7.6.1 only; patched versions are not vulnerable.
  • ·Exploitation requires an authenticated low-privileged user (PR:L) and user interaction (UI:R), limiting opportunistic exploitation.
  • ·The attack can be used to steal cookie-based authentication credentials, making session hijacking a primary post-exploitation risk.

CVSS provenance

nvdv3.05.4MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.