What is the severity of CVE-2020-7149?

CVE-2020-7149 has a critical severity level due to its potential for remote code execution.

How do I fix CVE-2020-7149?

To fix CVE-2020-7149, upgrade to HPE Intelligent Management Center version 7.3 or later.

What versions of HP Intelligent Management Center are affected by CVE-2020-7149?

CVE-2020-7149 affects all versions prior to HPE Intelligent Management Center version 7.3.

Can CVE-2020-7149 be exploited remotely?

Yes, CVE-2020-7149 can be exploited remotely due to the expression language injection vulnerability.

Is there a patch available for CVE-2020-7149?

Yes, a patch is included in the upgrade to HP Intelligent Management Center version 7.3.

Vulnerability/
CVE-2020-7149

critical

CWE

917

19/10/2020

4/8/2024

CVE-2020-7149

First published: Mon Oct 19 2020(Updated: )

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
HP Intelligent Management Center	<7.3
HP Intelligent Management Center	=7.3
HP Intelligent Management Center	=7.3-e0501
HP Intelligent Management Center	=7.3-e0503
HP Intelligent Management Center	=7.3-e0503p02
HP Intelligent Management Center	=7.3-e0504
HP Intelligent Management Center	=7.3-e0504p02
HP Intelligent Management Center	=7.3-e0504p04
HP Intelligent Management Center	=7.3-e0504p2
HP Intelligent Management Center	=7.3-e0504p4
HP Intelligent Management Center	=7.3-e0506
HP Intelligent Management Center	=7.3-e0506p02
HP Intelligent Management Center	=7.3-e0506p03
HP Intelligent Management Center	=7.3-e0506p07
HP Intelligent Management Center	=7.3-e0506p09
HP Intelligent Management Center	=7.3-e0605
HP Intelligent Management Center	=7.3-e0605h02
HP Intelligent Management Center	=7.3-e0605h05
HP Intelligent Management Center	=7.3-e0605p04
HP Intelligent Management Center	=7.3-e0605p06
HP Intelligent Management Center	=7.3-e0705
HP Intelligent Management Center	=7.3-e0705p02
HP Intelligent Management Center	=7.3-e0705p04
HP Intelligent Management Center	=7.3-e0705p06

Never miss a vulnerability like this again

Reference Links

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us

Frequently Asked Questions

What is the severity of CVE-2020-7149?
CVE-2020-7149 has a critical severity level due to its potential for remote code execution.
How do I fix CVE-2020-7149?
To fix CVE-2020-7149, upgrade to HPE Intelligent Management Center version 7.3 or later.
What versions of HP Intelligent Management Center are affected by CVE-2020-7149?
CVE-2020-7149 affects all versions prior to HPE Intelligent Management Center version 7.3.
Can CVE-2020-7149 be exploited remotely?
Yes, CVE-2020-7149 can be exploited remotely due to the expression language injection vulnerability.
Is there a patch available for CVE-2020-7149?
Yes, a patch is included in the upgrade to HP Intelligent Management Center version 7.3.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/last-modified-date
agent/severity
agent/author
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hp intelligent management center
version/hp intelligent management center/7.3
version/hp intelligent management center/7.3-e0501
version/hp intelligent management center/7.3-e0503
version/hp intelligent management center/7.3-e0503p02
version/hp intelligent management center/7.3-e0504
version/hp intelligent management center/7.3-e0504p02
version/hp intelligent management center/7.3-e0504p04
version/hp intelligent management center/7.3-e0504p2
version/hp intelligent management center/7.3-e0504p4
version/hp intelligent management center/7.3-e0506
version/hp intelligent management center/7.3-e0506p02
version/hp intelligent management center/7.3-e0506p03
version/hp intelligent management center/7.3-e0506p07
version/hp intelligent management center/7.3-e0506p09
version/hp intelligent management center/7.3-e0605
version/hp intelligent management center/7.3-e0605h02
version/hp intelligent management center/7.3-e0605h05
version/hp intelligent management center/7.3-e0605p04
version/hp intelligent management center/7.3-e0605p06
version/hp intelligent management center/7.3-e0705
version/hp intelligent management center/7.3-e0705p02
version/hp intelligent management center/7.3-e0705p04
version/hp intelligent management center/7.3-e0705p06