CVE-2017-12555 — Sensitive Information Exposure in Packard Enterprise Intelligent Management Center Service Operation Management

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.6%

top 31.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hewlett Packard Enterprise Intelligent Management Center Service Operation Management HP Intelligent Management Center

Timeline

PublishedFeb 15

Latest updateMay 14

Description

A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5hewlett_packard_enterprise/intelligent_management_center_service_operation_managementIMC SOM 7.3 E0501

▶NVDhp/intelligent_management_center7.3

🔴Vulnerability Details

GHSA

GHSA-m8h9-vcg8-hm9c: A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (↗2022-05-14

▶

CVEList

CVE-2017-12555: A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (↗2018-02-15

▶