CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2020-24652 – Hewlett Packard Enterprise Intelligent Management Center addVsiInterfaceInfo Expression Language Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-24652
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Se detectó una vulnerabilidad de ejecución de código remota de una inyección de lenguaje de expresiones de addvsiinterfaceinfo en HPE Intelligent Management Center (iMC): versión(es): anteriores a iMC PLAT 7.3 (E0705P07) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the beanName parameter provided to the addVsiInterfaceInfo.xhtml endpoint. When parsing the beanName parameter, the process does not properly validate a user-supplied string before using it to render a page. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us • CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2020-7141 – Hewlett Packard Enterprise Intelligent Management Center addDeviceToView Expression Language Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-7141
A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Se detectó una vulnerabilidad de ejecución de código remota de una inyección de lenguaje de expresiones de adddevicetoview en HPE Intelligent Management Center (iMC): versión(es): anteriores a iMC PLAT 7.3 (E0705P07) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the beanName parameter provided to the addDeviceToView.xhtml endpoint. When parsing the beanName parameter, the process does not properly validate a user-supplied string before using it to render a page. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us • CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 10.0EPSS: 1%CPEs: 24EXPL: 0CVE-2020-24646 – Hewlett Packard Enterprise Intelligent Management Center tftpserver Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-24646
A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Se detectó una vulnerabilidad de ejecución de código remota de desbordamiento de búfer en la región stack de la memoria de tftpserver en HPE Intelligent Management Center (iMC): versión(es): anteriores a iMC PLAT 7.3 (E0705P07) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the val1 parameter provided to the tftpserver component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2020-24629 – Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-24629
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Se detectó una vulnerabilidad de omisión de autenticación de urlaccesscontroller en HPE Intelligent Management Center (iMC): versión(es): anteriores a iMC PLAT 7.3 (E0705P07) This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise Intelligent Management Center. The specific flaw exists within the UrlAccessController servlet. The issue results from the lack of proper filtering of URLs. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 3%CPEs: 24EXPL: 0CVE-2020-24648 – Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet className Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-24648
A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Se detectó una vulnerabilidad de deserialización del nombre de clase accessmgrservlet de ejecución de código remota de datos no confiables en HPE Intelligent Management Center (iMC): versión(es): anteriores a iMC PLAT 7.3 (E0705P07) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is required to exploit this vulnerability. The specific flaw exists within the transformEntity method of the MgrReqMsg class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us • CWE-502: Deserialization of Untrusted Data •