CVE-2020-7137
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A validation issue in HPE Superdome Flex's RMC component may allow local elevation of privilege. Apply HPE Superdome Flex Server version 3.25.46 or later to resolve this issue.
Un problema de comprobaciĆ³n en el componente RMC de HPE Superdome Flex, puede permitir una elevaciĆ³n local de privilegios. Aplique HPE Superdome Flex Server versiones 3.25.46 o superiores para resolver este problema.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-16 CVE Reserved
- 2020-05-19 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hpe Search vendor "Hpe" | Superdome Flex Server Firmware Search vendor "Hpe" for product "Superdome Flex Server Firmware" | < 3.25.46 Search vendor "Hpe" for product "Superdome Flex Server Firmware" and version " < 3.25.46" | - |
Affected
| in | Hpe Search vendor "Hpe" | Superdome Flex Server Search vendor "Hpe" for product "Superdome Flex Server" | - | - |
Safe
|