Basque Cyber Security Centre - Zibersegurtasun Euskal Zentroa

Fitxategi arbitrarioen urruneko aldaketa HPE iMC-n

Argitalpen data: 2018/08/28

Garrantzia: Handia

Kaltetutako baliabideak:

  • HPE Intelligent Management Center (iMC) Plat 7.3 E0506P09, ondorengo produktuak kaltetuz:
    • JD125A HP IMC Std S/W Platform w/100-node
    • JD126A HP IMC Ent S/W Platform w/100-node
    • JD808A HP IMC Ent Platform w/100-node License
    • JD814A HP A-IMC Enterprise Edition Software DVD Media
    • JD815A HP IMC Std Platform w/100-node License
    • JD816A HP A-IMC Standard Edition Software DVD Media
    • JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
    • JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
    • JF377A HP IMC Std S/W Platform w/100-node Lic
    • JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
    • JF378A HP IMC Ent S/W Platform w/200-node Lic
    • JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
    • JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
    • JG548AAE HP PCM to IMC Bsc Upgr w/50-node E-LTU
    • JG549AAE HP PCM to IMC Std Upgr w/200-node E-LTU
    • JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
    • JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
    • JG768AAE HP PCM to IMC Std Upg w/ 200-node E-LTU
    • JG550AAE HPE PCM Mobility Manager to IMC Basic WLAN Platform Upgrade 50-node and 150-AP E-LTU
    • JG590AAE HPE IMC Basic WLAN Manager Software Platform 50 Access Point E-LTU
    • JG660AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU
    • JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU
    • JG767AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU
    • JG768AAE HPE PCM to IMC Standard Software Platform Upgrade with 200-node E-LTU
    • JH704AAE Aruba IMC Std SW Plat w/50-node E-LTU
    • JH705AAE Aruba IMC Ent SW Plat w/50-node E-LTU

Azalpena:

HPE Intelligent Center (iMC) PLAT E0506P09 produktuaren ahultasun bat aurkitu da. Hori baliatuz fitxategi arbitrarioak alda litezke urrunetik.

Konponbidea:

Hewlett Packard Enterprise-k ahultasun hori konpontzen duen Intelligent Management Center (IMC) PLAT E0605P04 eguneraketa argitaratu du.

https://support.hpe.com/hpesc/public/home webgunetik jaits daitezke firmwarearen eguneraketak.

Xehetasuna:

Kaltetutako produktuan dagoen ahultasuna urrunetik balia liteke fitxategi arbitrarioak aldatzea lortzeko. Ahultasun horretarako CVE-2018-7102 identifikatzailea erreserbatu da.

Etiketak: Eguneraketa, HP, Ahultasuna