CVE-2020-7173
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/10/2020
Last modified:
21/10/2020
Description
A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
9.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:hp:intelligent_management_center:*:*:*:*:*:*:*:* | 7.3 (excluding) | |
| cpe:2.3:a:hp:intelligent_management_center:7.3:-:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0501:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0503:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0503p02:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0504:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p02:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p04:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p2:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p4:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0506:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p02:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p03:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p07:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p09:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page