CVE-2017-13983

EUVD-2017-5498
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Affected Products (NVD)
VendorProductVersion
hpbsm_platform_application_performance_management_system_health
9.26
hpbsm_platform_application_performance_management_system_health
9.30
hpbsm_platform_application_performance_management_system_health
9.40
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.zerodayinitiative.com/advisories/ZDI-17-722/
https://softwaresupport.hpe.com/km/KM02942065
https://www.auscert.org.au/bulletins/52154
http://www.zerodayinitiative.com/advisories/ZDI-17-722/
https://softwaresupport.hpe.com/km/KM02942065
https://www.auscert.org.au/bulletins/52154