CVE-2017-5791

Published: Oct 11, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.

Affected (1)

Products: Hp: Intelligent Management Center Plat

1 product

Intelligent Management Center Plat

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Intelligent Management Center Plat	Version 7.2 e0403p06

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (10)

http://www.securityfocus.com/bid/101224

Source: security-alert@hpe.com

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/96815

Source: security-alert@hpe.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037983

Source: security-alert@hpe.com

Third Party AdvisoryVDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-17-161/

Source: security-alert@hpe.com

Third Party AdvisoryVDB Entry

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03716en_us

Source: security-alert@hpe.com

Vendor Advisory

http://www.securityfocus.com/bid/101224

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/96815

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037983

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-17-161/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03716en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.