CVE-2017-8961
published 2018-02-15CVE-2017-8961: A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
PriorityP182high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
19.40%
97.0th percentile
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hewlett_packard_enterprise | intelligent_management_center | — | — |
| hp | intelligent_management_center | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vulncheck8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vmxf-f8cr-mhq7: A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7
ghsa_unreviewed·2022-05-14
CVE-2017-8961 [HIGH] CWE-22 GHSA-vmxf-f8cr-mhq7: A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
VulnCheck
HP intelligent_management_center Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck·2017·CVSS 8.8
CVE-2017-8961 [HIGH] HP intelligent_management_center Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
HP intelligent_management_center Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
Affected: HP intelligent_management_center
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-08-15&host_type=src&vulnerability=cve-2017-8961; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-08-22&host_type=src&vulnerability=cve-2017-8961; https://dashboard.shadowserver.org/statistics/honeypot/vulnerabi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-02-15
Published
Exploited in the wild