HPE Intelligent Management Center (iMC) tvxlanlegend expression language injection remote code execution vulnerability (CNVD-2020-58757)

HPE Intelligent Management Center is a suite of network intelligence management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...

CVE-2020-7185

A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7185

A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7185

CVE-2020-7185 describes a remote code execution vulnerability in Hewlett Packard Enterprise (HPE) Intelligent Management Center (iMC) prior to PLAT 7.3 (E0705P07). The issue arises from how the tvxlanLegend.xhtml endpoint handles the beanName parameter, with the string not properly validated, ena...

(0Day) Hewlett Packard Enterprise Intelligent Management Center tvxlanLegend Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...