CVE-2020-7201
HIGHHPE StoreEver MSL2024 Tape Library < 7.30 and StoreEver 1/8 G2 Tape Autoloader < 5.40 - Cross-Site Request Forgery
Title source: llmDescription
A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery (CSRF).
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04075en_us
Scores
CVSS v3
8.8
EPSS
0.0022
EPSS Percentile
44.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (2)
hp/storeever_1\/8_g2_tape_autoloader_firmware
< 5.40
hp/storeever_msl2024_firmware
< 7.30
Published
Dec 18, 2020
Tracked Since
Feb 18, 2026