HPE has released an update for its Intelligent Management Center (iMC) platform to address several vulnerabilities, including critical flaws that allow remote attackers to execute arbitrary code on affected systems.
HPE Intelligent Management Centre is a comprehensive network infrastructure management platform designed for campus core and data center networks. According to the vendor, the product was built to support the Fault, Configuration, Accounting, Performance, Security (FCAPS) model.
A few months ago, Steven Seeley of Offensive Security discovered a total of seven vulnerabilities in the product. The expert noticed that the dbman service in HPE iMC, which listens on TCP port 2810 by default, introduces a weakness that allows an unauthenticated attacker to execute arbitrary code (CVE-2017-12561).
