CVE-2020-7147
First published: Mon Oct 19 2020(Updated: )
A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP Intelligent Management Center | <7.3 | |
| HP Intelligent Management Center | =7.3 | |
| HP Intelligent Management Center | =7.3-e0501 | |
| HP Intelligent Management Center | =7.3-e0503 | |
| HP Intelligent Management Center | =7.3-e0503p02 | |
| HP Intelligent Management Center | =7.3-e0504 | |
| HP Intelligent Management Center | =7.3-e0504p02 | |
| HP Intelligent Management Center | =7.3-e0504p04 | |
| HP Intelligent Management Center | =7.3-e0504p2 | |
| HP Intelligent Management Center | =7.3-e0504p4 | |
| HP Intelligent Management Center | =7.3-e0506 | |
| HP Intelligent Management Center | =7.3-e0506p02 | |
| HP Intelligent Management Center | =7.3-e0506p03 | |
| HP Intelligent Management Center | =7.3-e0506p07 | |
| HP Intelligent Management Center | =7.3-e0506p09 | |
| HP Intelligent Management Center | =7.3-e0605 | |
| HP Intelligent Management Center | =7.3-e0605h02 | |
| HP Intelligent Management Center | =7.3-e0605h05 | |
| HP Intelligent Management Center | =7.3-e0605p04 | |
| HP Intelligent Management Center | =7.3-e0605p06 | |
| HP Intelligent Management Center | =7.3-e0705 | |
| HP Intelligent Management Center | =7.3-e0705p02 | |
| HP Intelligent Management Center | =7.3-e0705p04 | |
| HP Intelligent Management Center | =7.3-e0705p06 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-7147?
CVE-2020-7147 is a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2020-7147?
To remediate CVE-2020-7147, upgrade to HPE Intelligent Management Center version 7.3 PLAT E0705P07 or later.
What type of vulnerability is CVE-2020-7147?
CVE-2020-7147 is an expression language injection vulnerability that allows for remote code execution.
Which versions of HP Intelligent Management Center are affected by CVE-2020-7147?
CVE-2020-7147 affects all versions of HP Intelligent Management Center prior to 7.3 PLAT E0705P07.
What should I do if I cannot immediately patch CVE-2020-7147?
If immediate patching is not possible for CVE-2020-7147, consider implementing network segmentation and restricting access to the vulnerable system.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/hp
- canonical/hp intelligent management center
- version/hp intelligent management center/7.3
- version/hp intelligent management center/7.3-e0501
- version/hp intelligent management center/7.3-e0503
- version/hp intelligent management center/7.3-e0503p02
- version/hp intelligent management center/7.3-e0504
- version/hp intelligent management center/7.3-e0504p02
- version/hp intelligent management center/7.3-e0504p04
- version/hp intelligent management center/7.3-e0504p2
- version/hp intelligent management center/7.3-e0504p4
- version/hp intelligent management center/7.3-e0506
- version/hp intelligent management center/7.3-e0506p02
- version/hp intelligent management center/7.3-e0506p03
- version/hp intelligent management center/7.3-e0506p07
- version/hp intelligent management center/7.3-e0506p09
- version/hp intelligent management center/7.3-e0605
- version/hp intelligent management center/7.3-e0605h02
- version/hp intelligent management center/7.3-e0605h05
- version/hp intelligent management center/7.3-e0605p04
- version/hp intelligent management center/7.3-e0605p06
- version/hp intelligent management center/7.3-e0705
- version/hp intelligent management center/7.3-e0705p02
- version/hp intelligent management center/7.3-e0705p04
- version/hp intelligent management center/7.3-e0705p06