HPE Smart Storage Administrator < RCE

High Nessus Plugin ID 97859


An application installed on the remote Windows host is affected by a remote code execution vulnerability.


The version of HPE Smart Storage Administrator installed on the remote Windows host is prior to It is, therefore, affected by a flaw in function isDirectFileAccess() in file ipcelmclient.php due to improper sanitization of user-supplied input to the 'command' variable. An authenticated, remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary code on the system.

Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.


Upgrade to HPE Smart Storage Administrator version or later.

See Also


Plugin Details

Severity: High

ID: 97859

File Name: hpe_smart_storage_administrator_2_60_18_0.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2017/03/21

Modified: 2017/03/24

Dependencies: 97860

Risk Information

Risk Factor: High


Base Score: 9

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C


Base Score: 8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/a:hpe:smart_storage_administrator

Required KB Items: installed_sw/HPE Smart Storage Administrator

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/10/24

Vulnerability Publication Date: 2017/01/30

Reference Information

CVE: CVE-2016-8523

BID: 95868

OSVDB: 151151

HP: emr_na-c05382349, HPESBMU03701

IAVA: 2017-A-0031

EDB-ID: 41297