CVE-2020-7199

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Edgeline Infrastructure Management Software
Vendor: CVE Published:; 2 December 2020

Summary

A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.

Affected Version(s)

HPE Edgeline Infrastructure Management Software Prior to 1.21

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 2, 2020
Vulnerability Reserved
Jan 16, 2020