N/A

This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information disclosure, denial-of-service attacks or local memory corruption against the affected system and a complete control of the system may also be possible. This vulnerability exists only if one gains access to the Maintenance LAN to which Blade Maintenance Entity, Integrated Maintenance Entity or Maintenance Entity product is connected. **Workaround:** Block the UDP port 17185(In the Maintenance LAN Network Switch/Firewall). Fix: Install following SPRs, which are already available: * T1805A01^AAI (Integrated Maintenance Entity) * T4805A01^AAZ (Blade Maintenance Entity). These SPRs are also usable with the following RVUs: * J06.19.00 ? J06.23.01. No fix planned for the following RVUs: J06.04.00 ? J06.18.01. No fix planned for H-Series NonStop systems. No fix planned for the product T2805 (Maintenance Entity).

N/A

N/A

Integrated Maintenance Entity T1805、Maintenance Entity T2805和Blade Maintenance Entity FW T4805 安全漏洞

Fleetco Fleet Maintenance Management（FMM）是一套基于PHP和MySQL的车队管理系统。 Integrated Maintenance Entity T1805、Maintenance Entity T2805和Blade Maintenance Entity FW T4805中的Maintenance LAN上开放的17185 UDP端口存在安全漏洞。攻击者可利用该漏洞获取信息，造成拒绝服务或损坏内存，完全控制系统。以下产品及版本受到影响：Integrated Ma

N/A

N/A