What is the severity of CVE-2020-7148?

CVE-2020-7148 is classified as a critical vulnerability that allows remote code execution.

How do I fix CVE-2020-7148?

To fix CVE-2020-7148, upgrade to HPE Intelligent Management Center version 7.3 PLAT E0705P07 or later.

What versions of HPE Intelligent Management Center are affected by CVE-2020-7148?

CVE-2020-7148 affects all versions of HPE Intelligent Management Center prior to 7.3 PLAT E0705P07.

Can CVE-2020-7148 be exploited remotely?

Yes, CVE-2020-7148 can be exploited remotely through expression language injection.

What type of attack is associated with CVE-2020-7148?

CVE-2020-7148 is associated with a remote code execution attack due to expression language injection.

Vulnerability/
CVE-2020-7148

critical

CWE

917

19/10/2020

4/8/2024

CVE-2020-7148

First published: Mon Oct 19 2020(Updated: )

A deployselectsoftware expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
HP Intelligent Management Center	<7.3
HP Intelligent Management Center	=7.3
HP Intelligent Management Center	=7.3-e0501
HP Intelligent Management Center	=7.3-e0503
HP Intelligent Management Center	=7.3-e0503p02
HP Intelligent Management Center	=7.3-e0504
HP Intelligent Management Center	=7.3-e0504p02
HP Intelligent Management Center	=7.3-e0504p04
HP Intelligent Management Center	=7.3-e0504p2
HP Intelligent Management Center	=7.3-e0504p4
HP Intelligent Management Center	=7.3-e0506
HP Intelligent Management Center	=7.3-e0506p02
HP Intelligent Management Center	=7.3-e0506p03
HP Intelligent Management Center	=7.3-e0506p07
HP Intelligent Management Center	=7.3-e0506p09
HP Intelligent Management Center	=7.3-e0605
HP Intelligent Management Center	=7.3-e0605h02
HP Intelligent Management Center	=7.3-e0605h05
HP Intelligent Management Center	=7.3-e0605p04
HP Intelligent Management Center	=7.3-e0605p06
HP Intelligent Management Center	=7.3-e0705
HP Intelligent Management Center	=7.3-e0705p02
HP Intelligent Management Center	=7.3-e0705p04
HP Intelligent Management Center	=7.3-e0705p06

Never miss a vulnerability like this again

Reference Links

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us

Frequently Asked Questions

What is the severity of CVE-2020-7148?
CVE-2020-7148 is classified as a critical vulnerability that allows remote code execution.
How do I fix CVE-2020-7148?
To fix CVE-2020-7148, upgrade to HPE Intelligent Management Center version 7.3 PLAT E0705P07 or later.
What versions of HPE Intelligent Management Center are affected by CVE-2020-7148?
CVE-2020-7148 affects all versions of HPE Intelligent Management Center prior to 7.3 PLAT E0705P07.
Can CVE-2020-7148 be exploited remotely?
Yes, CVE-2020-7148 can be exploited remotely through expression language injection.
What type of attack is associated with CVE-2020-7148?
CVE-2020-7148 is associated with a remote code execution attack due to expression language injection.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hp intelligent management center
version/hp intelligent management center/7.3
version/hp intelligent management center/7.3-e0501
version/hp intelligent management center/7.3-e0503
version/hp intelligent management center/7.3-e0503p02
version/hp intelligent management center/7.3-e0504
version/hp intelligent management center/7.3-e0504p02
version/hp intelligent management center/7.3-e0504p04
version/hp intelligent management center/7.3-e0504p2
version/hp intelligent management center/7.3-e0504p4
version/hp intelligent management center/7.3-e0506
version/hp intelligent management center/7.3-e0506p02
version/hp intelligent management center/7.3-e0506p03
version/hp intelligent management center/7.3-e0506p07
version/hp intelligent management center/7.3-e0506p09
version/hp intelligent management center/7.3-e0605
version/hp intelligent management center/7.3-e0605h02
version/hp intelligent management center/7.3-e0605h05
version/hp intelligent management center/7.3-e0605p04
version/hp intelligent management center/7.3-e0605p06
version/hp intelligent management center/7.3-e0705
version/hp intelligent management center/7.3-e0705p02
version/hp intelligent management center/7.3-e0705p04
version/hp intelligent management center/7.3-e0705p06