CVE-2020-7197
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.
SSMC3.7.0.0 es vulnerable a una omisión de autenticación remota. HPE StoreServ Management Console (SSMC) versión 3.7.0.0, es una aplicación web de administrador de múltiples matrices fuera del nodo y permanece aislada de los datos en las matrices administradas. HPE ha proporcionado una actualización del software HPE StoreServ Management Console (SSMC) versión 3.7.0.0* Actualizado a HPE 3PAR StoreServ Management Console versión 3.7.1.1 o posteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-16 CVE Reserved
- 2020-10-26 CVE Published
- 2024-07-13 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04045en_us | 2020-11-16 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Storeserv Management Console Search vendor "Hp" for product "Storeserv Management Console" | < 3.7.1.1 Search vendor "Hp" for product "Storeserv Management Console" and version " < 3.7.1.1" | - |
Affected
| ||||||