HPE Intelligent Management Center (iMC) faulttrapgroupselect Expression Language Injection Remote Code Execution Vulnerability

HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...

HPE Intelligent Management Center (iMC) elevation of privilege vulnerability (CNVD-2020-58082)

HPE Intelligent Management Center is a suite of network intelligence management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. An operatoronlinelistcontent elevation of...

HPE Intelligent Management Center (iMC) iccSelectDymicParam Expression Language Injection Remote Code Execution Vulnerability

HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...

CVE-2020-7179

A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7178

A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7184

A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7183

A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7161

A reporttaskselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7163

A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7149

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7152

A faultparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7156

A faultinfocontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7146

A devgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7156

A faultinfocontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-24629

A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

Remote code execution

A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7192

HPE Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07) is affected. The vulnerability is in the deviceThresholdConfig expression language handling (beanName parameter), where improper input validation enables remote code execution in the context of SYSTEM. Public advisories (e.g., ZDI...

CVE-2020-7191

HPE Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07) is affected by a devSoftSel expression language injection leading to remote code execution. The root cause is improper handling/validation of the beanName parameter in the devSoftSel.xhtml endpoint, allowing an attacker to execute...

CVE-2020-7185

A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7178

The CVE-2020-7178 case concerns Hewlett Packard Enterprise Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07). The issue is a mediaForAction expression language injection that enables remote code execution. Exploitation is possible remotely; some sources indicate authentication is req...