CVE-2020-7144

A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Configurations

Configuration 1

cpe:2.3:a:hp:intelligent_management_center:7.3:e0504:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p2:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p4:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p03:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0501:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p09:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p07:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:-:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p06:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h05:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p06:*:*:*:*:*:*

Information

Published : 2020-10-19 06:15

Updated : 2020-10-21 08:07


NVD link : CVE-2020-7144

Mitre link : CVE-2020-7144

Products Affected
No products.
CWE
CWE-917

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')