CVE-2017-12548

MEDIUM

Description

A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

References

http://www.securityfocus.com/bid/101029

http://www.securitytracker.com/id/1039437

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us

Details

Source: MITRE

Published: 2018-02-15

Updated: 2019-10-03

Risk Information

CVSS v2.0

Base Score: 5.5

Vector: AV:L/AC:H/Au:S/C:N/I:C/A:C

Impact Score: 9.2

Exploitability Score: 1.5

Severity: MEDIUM

CVSS v3.0

Base Score: 5.6

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H

Impact Score: 5.2

Exploitability Score: 0.3

Severity: MEDIUM