CWE-917

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed.

180 vulnerabilities with CWE-917
CVE-2020-7166 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7165 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7164 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7163 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7162 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7161 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7160 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7159 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7158 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7157 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7156 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7155 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7154 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7153 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7152 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7151 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7150 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7149 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7148 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7147 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7146 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7145 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7144 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7143 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2020-7142 CRITICAL
HP Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
Details
Vulnerabilities 180
Links
MITRE CWE Entry Search this CWE With Exploits