Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03992en_us | Vendor Advisory |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03992en_us | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03992en_us - Vendor Advisory |
Information
Published : 2020-05-19 23:15
Updated : 2024-11-21 05:36
NVD link : CVE-2020-7138
Mitre link : CVE-2020-7138
CVE.ORG link : CVE-2020-7138
JSON object : View
Products Affected
hpe
- nimble_storage_cs7000
- nimble_storage_af20_all_flash_array
- nimbleos
- nimble_storage_af80_all_flash_dual_controller
- nimble_storage_cs5000
- nimble_storage_secondary_flash_arrays
- nimble_storage_af20q_all_flash_dual_controller
- nimble_storage_af40_all_flash_dual_controller
- nimble_storage_cs3000
- nimble_storage_af60_all_flash_dual_controller
CWE