HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template.
[
{
"product": "HPE StorageWorks XP7 Automation Director (AutoDir)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "version 8.5.2-02 to earlier than 8.6.1-00"
}
]
}
]