Tenable Research Advisory: Multiple HPE iMC Vulnerabilities Could Lead to Remote Code Execution or Denial of Service
Tenable Research discovered multiple vulnerabilities in the HPE Intelligent Management Center. HPE is currently working to fix the issues and plans to release patches on Nov. 30.
- What you need to know: Multiple vulnerabilities were found in HPE iMC, ranging from denial-of-service (DoS) to remote code execution.
- What’s the attack vector? Multiple listening ports related to HPE iMC.
- What’s the business impact? Potential DoS, information disclosure, and asset takeover.
- What’s the solution? There are no patches or workarounds currently. HPE plans to release a patch on or around Nov. 30.
Contexto
Tenable researcher Chris Lyne discovered several security vulnerabilities in the HPE Intelligent Management Center (HPE iMC). HPE iMC is a network management tool used to monitor assets and their configurations. HPE iMC is often deployed as a large-scale enterprise virtual/physical management solution.
These vulnerabilities include two DoS attacks, two information disclosures, and a remote code execution (RCE). The dbman service could also allow a remote, unauthenticated user to trigger a manual backup to an arbitrary location on the file system.
Análise
Two vulnerabilities were discovered in HPE iMC’s “dbman.exe” process that can potentially lead to DoS attacks. By sending malicious messages to port 2810, an attacker could cause a stack based buffer overflow, or reboot the service gracefully.
The remote code execution vulnerability was discovered in HPE iMC's JMX service, which listens on TCP port 9091 by default. This vulnerability can be exploited remotely without authentication. The vulnerability exists due to JMX being configured to start without requiring authentication.
Identifying affected assets
Tenable has released plugins to scan for these issues.
Vendor response
Tenable Research has contacted HP about these vulnerabilities. HP has confirmed it’s aware, and a fix for this will be available in an upcoming release. At the time of publication, HP projects a fix for this issue will be available on or around Nov. 30.
Additional information
- Read the Tenable Research Advisory
- Visit the Tenable Techblog on Medium to read researcher Chris Lyne's in-depth story about his work uncovering this vulnerability.
Learn more about Tenable.io, the first Cyber Exposure platform for holistic management of your modern attack surface. Get a free 60-day trial of Tenable.io Vulnerability Management.
Artigos relacionados
Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040)
May 14, 2024Microsoft addresses 59 CVEs in its May 2024 Patch Tuesday release with one critical vulnerability and three zero-day vulnerabilities, two of which were exploited in the wild.
CVE-2024-21793, CVE-2024-26026: Proof of Concept Available for F5 BIG-IP Next Central Manager Vulnerabilities
May 9, 2024Researchers disclose multiple vulnerabilities in F5 BIG-IP Next Central Manager and provide proof-of-concept exploit code, which could lead to exposure of hashed passwords.
Cybersecurity Snapshot: Attackers Pounce on Unpatched Vulns, DBIR Says, as Critical Infrastructure Orgs Benefit from CISA’s Alert Program
May 3, 2024Verizon’s DBIR found that hackers are having a field day exploiting vulnerabilities to gain initial access. Plus, a CISA program is helping critical infrastructure organizations prevent ransomware attacks. In addition, check out what Tenable’s got planned for RSA Conference 2024. And get the latest on the Change Healthcare breach. And much more!
Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040)
May 14, 2024Microsoft addresses 59 CVEs in its May 2024 Patch Tuesday release with one critical vulnerability and three zero-day vulnerabilities, two of which were exploited in the wild.
Tenable Cloud Security Study Reveals a Whopping 95% of Surveyed Organizations Suffered a Cloud-Related Breach Over an 18-Month Period
May 14, 2024The finding from the Tenable 2024 Cloud Security Outlook study is a clear sign of the need for proactive and robust cloud security. Read on to learn more about the study’s findings, including the main challenges cloud security teams face, their strategies for better protecting their cloud infrastructure and the tools they use to measure success.
Shifting the Paradigm: Why the Cyber Insurance Industry Should Focus on Preventive Security
May 13, 2024As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
- Vulnerability Management