CVE-2017-5798

EUVD-2017-14875
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
hpopencall_media_platform
3.0.0 ≤
𝑥
< 3.4.2
hpopencall_media_platform
4.0.0 ≤
𝑥
< 4.4.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/98013
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03686en_us
https://www.exploit-db.com/exploits/41927/
http://www.securityfocus.com/bid/98013
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03686en_us
https://www.exploit-db.com/exploits/41927/