CVE-2024-6206

EUVD-2024-47343
A security vulnerability has been identified in HPE Athonet Mobile Core software. The core application contains a code injection vulnerability where a threat actor could execute arbitrary commands with the privilege of the underlying container leading to complete takeover of the target system.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
hpehpe_athonet_mobile_care
𝑥
≤ 1.23.4.2
ADP
Common Weakness Enumeration
References
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04659en_us&docLocale=en_US
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04659en_us&docLocale=en_US