This script is Copyright (C) 2014 Tenable Network Security, Inc.
The version of the HP Branch Intelligent Management System module
on the remote host is affected by multiple vulnerabilities.
The version of the HP Intelligent Management Center Branch Intelligent
Management System module on the remote host is a version prior to 5.2
E0401 and is potentially affected by multiple vulnerabilities :
- The 'bimsDownload' servlet is not protected by
authentication and could be used to access any file on
the system remotely. (CVE-2013-4823)
- The 'UploadServlet' in the BIM module allows
unauthenticated users to remotely upload arbitrary files
to specific locations on the host. (CVE-2013-4822)
See also :
Upgrade the iMC BIMs module to version 5.2 E0401 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true