CVE-2017-8990

{"id": "CVE-2017-8990", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-08-06T20:29:01.087", "references": [{"url": "http://www.securitytracker.com/id/1040988", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security-alert@hpe.com"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03852en_us", "tags": ["Vendor Advisory"], "source": "security-alert@hpe.com"}, {"url": "http://www.securitytracker.com/id/1040988", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03852en_us", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software en versiones anteriores a la WSM 7.3 (E0506). El problema se resolvi\u00f3 en HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 y siguientes."}], "lastModified": "2024-11-21T03:35:08.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:imc_wireless_service_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB459E14-9A08-482E-A9DC-B14760192804", "versionEndExcluding": "7.3"}, {"criteria": "cpe:2.3:a:hp:imc_wireless_service_manager:7.3:e0506:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D84DB80A-BCE1-4D7C-BDCE-7EB040576C0D"}], "operator": "OR"}]}], "sourceIdentifier": "security-alert@hpe.com"}