2 matches found
HPE Intelligent Management Center Command Injection (CVE-2019-5373; CVE-2019-5374)
Multiple Command Injection vulnerabilities exist in HPE Intelligent Management Center. The vulnerabilities are due to insufficient handling of the beanName request parameter by the CustomReportTemplateSelectBean and operatorGroupTreeSelectContent classes. A remote, authenticated attacker can...
CVE-2019-5374
HPE Intelligent Management Center (IMC) PLAT versions earlier than 7.3 E0506P09 are vulnerable to CVE-2019-5374 due to improper handling of the beanName parameter in operatorGroupTreeSelectContent.xhtml, enabling remote code execution. The root cause is an expression-language injection/vector in ...