CVE-2017-14351

critical

Published 2017-09-30 · Modified 2026-05-13

CVSS v3

9.8

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2

7.5

VIR risk

9.8

Description

A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow code execution.

Predictions

Exploit likelihood

97%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact

Vendor	Product	Versions
hp	ucmdb_configuration_manager	`10.10`
hp	ucmdb_configuration_manager	`10.11`
hp	ucmdb_configuration_manager	`10.20`
hp	ucmdb_configuration_manager	`10.21`
hp	ucmdb_configuration_manager	`10.22`
hp	ucmdb_configuration_manager	`10.23`

References

https://softwaresupport.hpe.com/km/KM02968622
https://www.tenable.com/security/research/tra-2017-32
https://softwaresupport.hpe.com/km/KM02968622
https://www.tenable.com/security/research/tra-2017-32

Verify integrity in audit chain (admin only). AS-IS.