Fwd: [CIVN-2020-0440] Remote Code Execution Vulnerability in Hewlett Packard Enterprise


Severity Rating: HIGH

Systems Affected

HPE Systems Insight Manager (SIM) version 7.6.x

Overview

A remote code execution vulnerability has been reported in Hewlett Packard Enterprise Systems Insight Manager (SIM) which could allow a remote attacker to execute arbitrary code on the target system.

Description

This vulnerability exists in Hewlett Packard Enterprise Systems Insight Manager (SIM) because of improper validation of user-supplied input. A remote attacker could exploit it by sending specially crafted input to the affected service, which results in the deserialization of untrusted data. The flaw is reached through the Federated Search feature, which is why the vendor workaround below removes that feature rather than patching the code.

Successful exploitation could allow the attacker to execute arbitrary code on the target system.

Workaround

Removing the "Federated Search" and "Federated CMS Configuration" feature, in which the vulnerability resides, mitigates the issue on existing installations. Note that users will be unable to use the federated search feature once the simsearch.war file is removed from the install path.

Steps:

1. Stop the HPE SIM service.

2. Delete simsearch.war from the SIM install path. The default path contains spaces, so quote it; an unquoted del treats each word as a separate file name:

   del /Q /F "C:\Program Files\HP\Systems Insight Manager\jboss\server\hpsim\deploy\simsearch.war"

3. Restart the HPE SIM service.

4. From a command prompt in the SIM install directory, remove the federated search tool definition:

   mxtool -r -f tools\multi-cms-search.xml 1>nul 2>nul

   The 1>nul 2>nul redirection discards all output, including errors. Run the command without it the first time so that a failure is visible.

Afterwards, confirm that simsearch.war is no longer present in the deploy directory and that the HPE SIM service is running again.
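The four steps above, scripted with the checks an administrator would want between them. This is an added example, not HPE's own script or part of the original advisory. It assumes, beyond what the advisory states, that the SIM Windows service can be found by a display-name match on "Systems Insight Manager", that SIM is installed at the default path quoted in the advisory, and that mxtool.exe lives in the bin directory under that path.

```powershell
#Requires -RunAsAdministrator
# Added example, not HPE's script: automates the CVE-2020-7200 workaround on a
# Windows HPE SIM 7.6.x host and verifies each step. Assumed (not in the advisory):
# the service is located by a display-name match, SIM is at its default install
# path, and mxtool.exe is in <install>\bin.
$ErrorActionPreference = 'Stop'

$simHome = 'C:\Program Files\HP\Systems Insight Manager'   # default path quoted in the advisory
$war     = Join-Path $simHome 'jboss\server\hpsim\deploy\simsearch.war'
$mxtool  = Join-Path $simHome 'bin\mxtool.exe'              # assumed location
$timeout = [TimeSpan]::FromMinutes(5)

$svc = Get-Service | Where-Object { $_.DisplayName -like '*Systems Insight Manager*' } |
       Select-Object -First 1
if (-not $svc) { throw 'HPE SIM service not found; adjust the display-name filter.' }

if (Test-Path -LiteralPath $war) {
    # Step 1: stop the service so JBoss releases the deployed archive.
    Stop-Service -Name $svc.Name -Force
    $svc.WaitForStatus('Stopped', $timeout)

    # Step 2: remove simsearch.war. -LiteralPath sidesteps the quoting problem an
    # unquoted `del` has with the spaces in the default install path.
    Remove-Item -LiteralPath $war -Force
    if (Test-Path -LiteralPath $war) { throw "failed to remove $war" }

    # Step 3: restart and wait until the service actually reports Running.
    Start-Service -Name $svc.Name
    $svc.WaitForStatus('Running', $timeout)
} else {
    Write-Host "simsearch.war already absent at $war; skipping the service restart."
}

# Step 4 (after the restart, in the advisory's order): unregister the federated
# search tool definition. Run from the install directory because the path
# tools\multi-cms-search.xml is relative to it. Output is deliberately not sent
# to nul so that any error from mxtool stays visible.
Push-Location $simHome
try {
    & $mxtool -r -f 'tools\multi-cms-search.xml'
    if ($LASTEXITCODE -ne 0) { throw "mxtool exited with code $LASTEXITCODE" }
} finally {
    Pop-Location
}

# Final check: the archive is gone and the service is up.
$svc.Refresh()
if ((Test-Path -LiteralPath $war) -or ($svc.Status -ne 'Running')) {
    throw 'Workaround not fully applied; review the output above.'
}
Write-Host 'Workaround for CVE-2020-7200 applied: federated search removed, HPE SIM running.'
```

Run it from an elevated PowerShell session on the SIM host. If the service display name or install path on your system differs from the assumptions above, change the two variables at the top; everything else keys off them.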

Vendor Information

Hewlett Packard

gn04068en_us

References

Hewlett Packard

gn04068en_us

IBM X-Force Exchange

Bleeping Computer: .../day-in-server-management-software/

CVE Name

CVE-2020-7200
