What is the severity of CVE-2020-7159?

CVE-2020-7159 is classified as a critical severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2020-7159?

To address CVE-2020-7159, you should upgrade to HPE Intelligent Management Center versions 7.3 (E0705P07) or later.

What does CVE-2020-7159 impact?

CVE-2020-7159 impacts HPE Intelligent Management Center version 7.3 and earlier, allowing for expression language injection.

Can CVE-2020-7159 be exploited remotely?

Yes, CVE-2020-7159 is a remote code execution vulnerability that can be exploited by attackers over the network.

Is there a patch available for CVE-2020-7159?

Yes, patches are available in the updated versions of HPE Intelligent Management Center starting from version 7.3 (E0705P07).

Vulnerability/
CVE-2020-7159

critical

CWE

917

19/10/2020

4/8/2024

CVE-2020-7159

First published: Mon Oct 19 2020(Updated: )

A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
HP Intelligent Management Center	<7.3
HP Intelligent Management Center	=7.3
HP Intelligent Management Center	=7.3-e0501
HP Intelligent Management Center	=7.3-e0503
HP Intelligent Management Center	=7.3-e0503p02
HP Intelligent Management Center	=7.3-e0504
HP Intelligent Management Center	=7.3-e0504p02
HP Intelligent Management Center	=7.3-e0504p04
HP Intelligent Management Center	=7.3-e0504p2
HP Intelligent Management Center	=7.3-e0504p4
HP Intelligent Management Center	=7.3-e0506
HP Intelligent Management Center	=7.3-e0506p02
HP Intelligent Management Center	=7.3-e0506p03
HP Intelligent Management Center	=7.3-e0506p07
HP Intelligent Management Center	=7.3-e0506p09
HP Intelligent Management Center	=7.3-e0605
HP Intelligent Management Center	=7.3-e0605h02
HP Intelligent Management Center	=7.3-e0605h05
HP Intelligent Management Center	=7.3-e0605p04
HP Intelligent Management Center	=7.3-e0605p06
HP Intelligent Management Center	=7.3-e0705
HP Intelligent Management Center	=7.3-e0705p02
HP Intelligent Management Center	=7.3-e0705p04
HP Intelligent Management Center	=7.3-e0705p06

Never miss a vulnerability like this again

Reference Links

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us

Frequently Asked Questions

What is the severity of CVE-2020-7159?
CVE-2020-7159 is classified as a critical severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2020-7159?
To address CVE-2020-7159, you should upgrade to HPE Intelligent Management Center versions 7.3 (E0705P07) or later.
What does CVE-2020-7159 impact?
CVE-2020-7159 impacts HPE Intelligent Management Center version 7.3 and earlier, allowing for expression language injection.
Can CVE-2020-7159 be exploited remotely?
Yes, CVE-2020-7159 is a remote code execution vulnerability that can be exploited by attackers over the network.
Is there a patch available for CVE-2020-7159?
Yes, patches are available in the updated versions of HPE Intelligent Management Center starting from version 7.3 (E0705P07).

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hp intelligent management center
version/hp intelligent management center/7.3
version/hp intelligent management center/7.3-e0501
version/hp intelligent management center/7.3-e0503
version/hp intelligent management center/7.3-e0503p02
version/hp intelligent management center/7.3-e0504
version/hp intelligent management center/7.3-e0504p02
version/hp intelligent management center/7.3-e0504p04
version/hp intelligent management center/7.3-e0504p2
version/hp intelligent management center/7.3-e0504p4
version/hp intelligent management center/7.3-e0506
version/hp intelligent management center/7.3-e0506p02
version/hp intelligent management center/7.3-e0506p03
version/hp intelligent management center/7.3-e0506p07
version/hp intelligent management center/7.3-e0506p09
version/hp intelligent management center/7.3-e0605
version/hp intelligent management center/7.3-e0605h02
version/hp intelligent management center/7.3-e0605h05
version/hp intelligent management center/7.3-e0605p04
version/hp intelligent management center/7.3-e0605p06
version/hp intelligent management center/7.3-e0705
version/hp intelligent management center/7.3-e0705p02
version/hp intelligent management center/7.3-e0705p04
version/hp intelligent management center/7.3-e0705p06