Signature Detail
Short Name |
APP:HP-MGMT-BIMS-FILE-UPLOAD |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP Intelligent Management Center BIMS UploadServlet Arbitrary File Upload |
Release Date |
2013/10/31 |
Update Number |
2315 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: HP Intelligent Management Center BIMS UploadServlet Arbitrary File Upload
This signature detects attempts to exploit a known vulnerability against HP Intelligent Management Center. A successful attack can lead to remote code execution.
Extended Description
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.
Affected Products
- hp imc_branch_intelligent_management_system_software_module 5.0
- hp imc_branch_intelligent_management_system_software_module 5.1
- hp imc_branch_intelligent_management_system_software_module 5.2
- hp intelligent_management_center 5.0 (e0101)
- hp intelligent_management_center 5.0 (e0101h03)
- hp intelligent_management_center 5.0 (e0101h04)
- hp intelligent_management_center 5.0 (e0101l01)
- hp intelligent_management_center 5.0 (e0101l02)
- hp intelligent_management_center 5.1 (e0101p01)
- hp intelligent_management_center 5.2
References
- BugTraq: 62895
- CVE: CVE-2013-4822