ID CVE-2013-4823
Summary Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
References
Vulnerable Configurations
  • cpe:2.3:a:hp:intelligent_management_center
    cpe:2.3:a:hp:intelligent_management_center
  • HP Intelligent Management Center (IMC) 5.2
    cpe:2.3:a:hp:intelligent_management_center:5.2
  • HP Intelligent Management Center (IMC) 5.1 E0101P01
    cpe:2.3:a:hp:intelligent_management_center:5.1:e0101p01
  • HP Intelligent Management Center (IMC) 5.1
    cpe:2.3:a:hp:intelligent_management_center:5.1
  • HP Intelligent Management Center (IMC) 5.0 E0101L02
    cpe:2.3:a:hp:intelligent_management_center:5.0:e0101l02
  • HP Intelligent Management Center (IMC) 5.0 E0101L01
    cpe:2.3:a:hp:intelligent_management_center:5.0:e0101l01
  • HP Intelligent Management Center (IMC) 5.0 E0101H04
    cpe:2.3:a:hp:intelligent_management_center:5.0:e0101h04
  • HP Intelligent Management Center (IMC) 5.0 E0101H03
    cpe:2.3:a:hp:intelligent_management_center:5.0:e0101h03
  • HP Intelligent Management Center (IMC) 5.0 E0101
    cpe:2.3:a:hp:intelligent_management_center:5.0:e0101
  • HP Intelligent Management Center (IMC) 5.0
    cpe:2.3:a:hp:intelligent_management_center:5.0
  • IMC Branch Intelligent Management System Software Module 5.0
    cpe:2.3:a:hp:imc_branch_intelligent_management_system_software_module:5.0
  • IMC Branch Intelligent Management System Software Module 5.1
    cpe:2.3:a:hp:imc_branch_intelligent_management_system_software_module:5.1
  • IMC Branch Intelligent Management System Software Module 5.2
    cpe:2.3:a:hp:imc_branch_intelligent_management_system_software_module:5.2
CVSS
Base: 5.0 (as of 15-10-2013 - 09:02)
Impact:
Exploitability:
Access
  Vector NETWORK
  Complexity LOW
  Authentication NONE
Impact
  Confidentiality PARTIAL
  Integrity NONE
  Availability NONE
metasploit via4
description This module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the DownloadServlet from the BIMS component, in order to retrieve arbitrary files with SYSTEM privileges. This module has been tested successfully on HP Intelligent Management Center 5.1 E0202 with BIMS 5.1 E0201 over Windows 2003 SP2.
id MSF:AUXILIARY/SCANNER/HTTP/HP_IMC_BIMS_DOWNLOADSERVLET_TRAVERSAL
last seen 2018-10-27
modified 2017-07-24
published 2013-10-19
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb
title HP Intelligent Management BIMS DownloadServlet Directory Traversal
nessus via4
  • NASL family Misc.
    NASL id HP_IMC_WEB_BIMS_FILE_DOWNLOAD.NASL
    description The HP Intelligent Management Center (IMC) application running on the remote host is affected by an information disclosure vulnerability in the included IMC Branch Intelligent Management System (BIMS) Module, specifically within the bimsDownload servlet, due to a failure to require authentication. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to disclose the contents of arbitrary files on the system. Note that HP IMC is reportedly affected by additional vulnerabilities; however, Nessus has not tested for these.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 71887
    published 2014-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71887
    title HP Intelligent Management Center BIMS Module Information Disclosure
  • NASL family Misc.
    NASL id HP_IMC_BIMS_52_E401.NASL
    description The version of the HP Intelligent Management Center Branch Intelligent Management System module on the remote host is a version prior to 5.2 E0401 and is potentially affected by multiple vulnerabilities:
      - The 'bimsDownload' servlet is not protected by authentication and could be used to access any file on the system remotely. (CVE-2013-4823)
      - The 'UploadServlet' in the BIM module allows unauthenticated users to remotely upload arbitrary files to specific locations on the host. (CVE-2013-4822)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 71891
    published 2014-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71891
    title HP Intelligent Management Center Branch Intelligent Management Module Multiple Vulnerabilities
refmap via4
hp
  • HPSBGN02929
  • SSRT101026
Last major update 15-10-2013 - 13:16
Published 13-10-2013 - 06:20