CVE-2018-7114 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Intelligent Management Center

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

61.6%

top 1.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Intelligent Management Center Hewlett Packard Enterprise HPE Intelligent Management Center

Timeline

PublishedDec 3

Latest updateMay 14

Description

HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDhp/intelligent_management_center< 7.3+1

▶CVEListV5hewlett_packard_enterprise/hpe_intelligent_management_centerprior to IMC PLAT 7.3 (E0605P06)

🔴Vulnerability Details

GHSA

GHSA-c5fv-gcrm-xxhx: HPE Intelligent Management Center (IMC) prior to IMC PLAT 7↗2022-05-14

▶

CVEList

CVE-2018-7114: HPE Intelligent Management Center (IMC) prior to IMC PLAT 7↗2018-12-03

▶