Severity Rating: HIGH
Systems Affected
HPE Systems Insight Manager (SIM) version 7.6.x
Overview
A remote code execution vulnerability has been reported in Hewlett Packard
Enterprise Systems Insight Manager (SIM) which could allow a remote
attacker to execute arbitrary code on the target system.
Description
This vulnerability exists in the Hewlett Packard Enterprise Systems Insight
Manager (SIM) due to improper validation of user supplied input. A remote
attacker could exploit this vulnerability by executing a specially crafted
input which could result in deserialization of untrusted data.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code on the target system.
Workaround
Users will be unable to use the federated search feature once the
simsearch.war file is removed from the install path.
For existing installations, the following steps are to be taken to remove
the "Federated Search" & "Federated CMS Configuration" feature which
allowed the vulnerability.
Stop HPE SIM Service
Delete file from sim installed path del /Q /F C:\Program Files\HP\Systems
Insight Manager\jboss\server\hpsim\deploy\simsearch.war
Restart HPE SIM Service
Wait for HPE SIM web page "https://SIM_IP:50000" to be accessible and
execute the following command from command prompt. mxtool -r -f
tools\multi-cms-search.xml 1>nul 2>nul
Vendor Information
Hewlett Packard
gn04068en_us
References
Hewlett Packard
gn04068en_us
IBM X-Force Exchange
Bleeping Computer
day-in-server-management-software/
CVE Name
CVE-2020-7200
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.