CVE-2020-7138

HIGH

HPE NimbleOS 3.1.0.0-3.9.2.9 - Remote Code Execution

Title source: llm
STIX 2.1

Description

Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.0181
EPSS Percentile 76.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
hpe/nimbleos 3.1.0.0 - 3.9.3.0
Published May 19, 2020
Tracked Since Feb 18, 2026