CVE-2017-13983

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
hpbsm_platform_application_performance_management_system_health
9.26
hpbsm_platform_application_performance_management_system_health
9.30
hpbsm_platform_application_performance_management_system_health
9.40
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.zerodayinitiative.com/advisories/ZDI-17-722/
https://softwaresupport.hpe.com/km/KM02942065
https://www.auscert.org.au/bulletins/52154
http://www.zerodayinitiative.com/advisories/ZDI-17-722/
https://softwaresupport.hpe.com/km/KM02942065
https://www.auscert.org.au/bulletins/52154