96755

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03710en_us

https://www.tenable.com/security/research/tra-2017-12

The H3C or HPE Intelligent Management Center (iMC) web server running on the remote host is affected by a remote code execution vulnerability in accessMgrServlet due to unsafe deserialization of Java objects to various libraries. An unauthenticated, remote attacker can exploit this, by sending a specially crafted HTTP request, to execute arbitrary code on the target host.

Note that Intelligent Management Center (iMC) is an HPE product;
however, it is branded as H3C.

CVE-2017-5790

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins