Remote Authentication Bypass Vulnerability in HPE StoreServ Management Console
CVE-2020-7197
9.8CRITICAL
Key Information:
- Vendor
HP
- Vendor
- CVE Published:
- 26 October 2020
What is CVE-2020-7197?
HPE StoreServ Management Console (SSMC) version 3.7.0.0 is susceptible to remote authentication bypass. This vulnerability allows unauthorized users to bypass authentication mechanisms, compromising the security of the application. As SSMC acts as an off-node multi-array management tool, it remains isolated from the controlled arrays, but this flaw could still lead to unauthorized access. HPE has issued a patch that recommends upgrading to version 3.7.1.1 or later to mitigate this issue. Ensuring that your software is updated is essential to maintaining a secure environment.
Affected Version(s)
HPE 3PAR StoreServ Management and Core Software Media prior to 3.7.0.0