The H3C Technical Solution Bulletin for HPE iMC DBMan Messages Security Vulnerability(110727)

 

Background

HPE iMC DBMan have exposed a serious security vulnerability, which is caused by the DBMan message processing defect, The backup path can be set as a path that does not require permission control through 10002 message, and the attacker can obtain the backup data. The vulnerability number is 110727.

Impact

This vulnerability could cause DBMan backup data to be illegally obtained.

H3C Products

H3C R&D team quickly investigated the H3C products.

We found below product is in impact scope:

l Business software products

Solution for H3C Products

For product solutions, please contact H3C Service Hotline: +852 2907 0456 or email: service_hk@h3c.com.