CVE-2020-7197
CRITICALHPE StoreServ Management Console < 3.7.1.1 - Remote Authentication Bypass
Title source: llmDescription
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04045en_us
Scores
CVSS v3
9.8
EPSS
0.0205
EPSS Percentile
84.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (1)
hp/storeserv_management_console
< 3.7.1.1
Published
Oct 26, 2020
Tracked Since
Feb 18, 2026