CVE-2019-5348
HPE Intelligent Management Center (IMC) PLAT features a remote code execution in GWT deviceservice due to expression language injection via queryCustomCondition (beanName) in vulnerable builds before 7.3 E0506P09. Exploitation requires authentication but can bypass; code executes with SYSTEM priv...