E19-ma2v1
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
t
Variants:
1
Year:
2017
Description
An insecure deserialization vulnerability exists in HPE intelligent Management Center PLAT v7.3 E0504.
The flaw arises due to lack of security checks when processing the POST payload for the '/imc/topo/WebDMDebugServlet' endpoint.
Successful attacks result in arbitrary remote code execution with root privileges.