CVE-2017-14351

high-risk
Published 2017-09-30

A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow code execution.

Do I need to act?

~
2.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (6)

Ucmdb Configuration Manager
Ucmdb Configuration Manager
Ucmdb Configuration Manager
Ucmdb Configuration Manager
Ucmdb Configuration Manager
Ucmdb Configuration Manager

Affected Vendors

Hp

References (4)

https://softwaresupport.hpe.com/km/KM02968622
https://www.tenable.com/security/research/tra-2017-32
https://softwaresupport.hpe.com/km/KM02968622
https://www.tenable.com/security/research/tra-2017-32
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 6/34 · Minimal
Exposure 13/34 · Low