CVE-2020-7197

2020-10-2615:09:19

hpe

www.cve.org

hpe

ssmc

authentication bypass

vulnerability

fix

3.7.1.1

AI Score

9.7

Confidence

High

EPSS

0.008

Percentile

81.3%

JSON

SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.

CNA Affected

[
  {
    "product": "HPE 3PAR StoreServ Management and Core Software Media",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 3.7.0.0"
      }
    ]
  }
]

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04045en_us