1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: HP Intelligent Management Center CVE-2012-5202

Attack: HP Intelligent Management Center CVE-2012-5202

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a directory traversal vulnerability in HP Intelligent Management Center which could lead to information disclosure.

Additional Information

HP Intelligent Management Center is a network management application.

HP Intelligent Management Center is prone to an information-disclosure vulnerability. Specifically, this issue occurs because the 'FaultDownloadServlet' servlet allows for the disclosure of files readable by SYSTEM. Attackers can exploit this issue to disclose administrative credentials, which may aid in a remote code execution.

Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.

Note: This issue was previously discussed in BID 58385 (Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities), but has been given its own record to better document it.

Affected

  • HP Intelligent Management Center
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube