HPE Network Node Manager i (NNMi) Multiple Vulnerabilities (HPESBGN03762)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote Linux host is affected by
multiple vulnerabilities.

Description :

The version of HPE Network Node Manager i (NNMi) installed on the
remote Linux host is 10.0x prior to 10.00 Patch 5, 10.1x prior to
10.10 Patch 4, or 10.2x prior to 10.20 Patch 3. It is, therefore,
affected by multiple vulnerabilities that allow an unauthenticated,
remote attacker to execute arbitrary code, bypass security
restrictions, and perform unauthorized actions.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?821afdbf

Solution :

Upgrade to HPE Network Node Manager i version 10.00 Patch 5 / 10.10
Patch 4 / 10.20 Patch 3 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 101296 ()

Bugtraq ID: 99342

CVE ID: CVE-2017-8948

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now