HP Security Manager Vulnerable to Remote Code Execution
CVE-2024-7720

9.8CRITICAL

Key Information:

Vendor: HP
Status: HP Security Manager
Vendor: CVE Published:; 27 August 2024

Summary

HP Security Manager is potentially vulnerable to remote code execution due to a flaw in its implementation of open-source libraries. This vulnerability could allow attackers to execute arbitrary code on vulnerable systems, which may lead to unauthorized access or other malicious activities. Users and system administrators are advised to review their deployments and apply necessary security measures to mitigate any risks associated with this vulnerability.

Affected Version(s)

HP Security Manager See HP security bulletin reference for affected versions

References

https://support.hp.com/us-en/document/ish_11074404-110744...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 27, 2024
Vulnerability Reserved
Aug 12, 2024