CVE-2020-7167

A quicktemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hp:intelligent_management_center:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:-:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0501:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p2:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p4:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p03:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p07:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p09:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h05:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p06:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p02:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p04:*:*:*:*:*:*
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p06:*:*:*:*:*:*

History

No history.

Information

Published : 2020-10-19 18:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-7167

Mitre link : CVE-2020-7167

CVE.ORG link : CVE-2020-7167


JSON object : View

Products Affected

hp

  • intelligent_management_center
CWE
CWE-917

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')