Vulnerabilities > Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-7167 Expression Language Injection vulnerability in HP Intelligent Management Center
A quicktemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7166 Expression Language Injection vulnerability in HP Intelligent Management Center
A operatorgrouptreeselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7165 Expression Language Injection vulnerability in HP Intelligent Management Center
A iccselectcommand expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7164 Expression Language Injection vulnerability in HP Intelligent Management Center
A operationselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7163 Expression Language Injection vulnerability in HP Intelligent Management Center
A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7162 Expression Language Injection vulnerability in HP Intelligent Management Center
A operatorgroupselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7161 Expression Language Injection vulnerability in HP Intelligent Management Center
A reporttaskselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7160 Expression Language Injection vulnerability in HP Intelligent Management Center
A iccselectdeviceseries expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7159 Expression Language Injection vulnerability in HP Intelligent Management Center
A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8
2020-10-19 CVE-2020-7158 Expression Language Injection vulnerability in HP Intelligent Management Center
A perfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 9.8
9.8