CVE-2020-7136

9.8CRITICAL

Key Information:

Vendor: HP
Status: Smart Update Manager (sum)
Vendor: CVE Published:; 30 April 2020

Summary

A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).

Affected Version(s)

Smart Update Manager (SUM) Prior to v8.5.6

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

EPSS Score

31% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 30, 2020
Vulnerability Reserved
Jan 16, 2020