2 matches found
CVE-2020-7190
A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
CVE-2020-7190
CVE-2020-7190 : In HPE Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07), a deviceselect expression language injection allows remote code execution. The flaw stems from handling of the beanName parameter in deviceSelect.xhtml, enabling an attacker to run arbitrary code with SYSTEM ...