HP Intelligent Management Center SOM Module < 7.0 E0101 Multiple Vulnerabilities
High Nessus Plugin ID 71892
SynopsisThe version of the HP Intelligent Management Center Service Operation Management Software module on the remote host is affected by multiple vulnerabilities.
DescriptionThe version of the HP Intelligent Management Center Service Operation Management Software Module on the remote is prior to 7.0 E0101. It is therefore, potentially affected by multiple vulnerabilities :
- An authentication bypass vulnerability exists in the 'euAccountService' servlet that allows arbitrary users to be created without authentication. (CVE-2013-4824)
- An information disclosure vulnerability exists in the 'sdFileDownload' servlet that allows for arbitrary file access. (CVE-2013-4826)
SolutionUpgrade the iMC SOM module to version 7.0 E0101 or later.