CVE-2020-7201

2020-12-1822:20:30

hpe

www.cve.org

hpe storeever

malware

remote exploitation

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

31.5%

JSON

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery (CSRF).

CNA Affected

[
  {
    "product": "HPE StoreEver MSL Tape Libraries; HPE StoreEver 1/8 G2 Tape Autoloaders",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 7.30"
      },
      {
        "status": "affected",
        "version": "HPE StoreEver 1/8 G2 Tape Autoloaders"
      },
      {
        "status": "affected",
        "version": "All versions prior to 5.40"
      }
    ]
  }
]

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04075en_us