CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29214
https://notcve.org/view.php?id=CVE-2021-29214
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are not impacted by this vulnerability. This vulnerability impacts SSMC versions 3.4 GA to 3.8.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04207en_us •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7197
https://notcve.org/view.php?id=CVE-2020-7197
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later. SSMC3.7.0.0 es vulnerable a una omisión de autenticación remota. HPE StoreServ Management Console (SSMC) versión 3.7.0.0, es una aplicación web de administrador de múltiples matrices fuera del nodo y permanece aislada de los datos en las matrices administradas. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04045en_us • CWE-287: Improper Authentication •