8 results (0.005 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are not impacted by this vulnerability. This vulnerability impacts SSMC versions 3.4 GA to 3.8.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04207en_us •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later. SSMC3.7.0.0 es vulnerable a una omisión de autenticación remota. HPE StoreServ Management Console (SSMC) versión 3.7.0.0, es una aplicación web de administrador de múltiples matrices fuera del nodo y permanece aislada de los datos en las matrices administradas. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04045en_us • CWE-287: Improper Authentication •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. Se detectó una vulnerabilidad de divulgación de información remota en HPE 3PAR StoreServ Management y Core Software Media versión(es): anteriores a 3.5.0.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03946en_us •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. Se detectó una vulnerabilidad de reutilización de sesión remota en HPE 3PAR StoreServ Management y Core Software Media versión(es): anteriores a 3.5.0.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03946en_us • CWE-384: Session Fixation •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. Se detectó una vulnerabilidad de omisión de autorización remota en HPE 3PAR StoreServ Management y Core Software Media de HPE versión(es): anteriores a 3.5.0.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03946en_us •