Vulnerabilities > Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-7159 Expression Language Injection vulnerability in HP Intelligent Management Center
A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7158 Expression Language Injection vulnerability in HP Intelligent Management Center
A perfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7157 Expression Language Injection vulnerability in HP Intelligent Management Center
A selviewnavcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7156 Expression Language Injection vulnerability in HP Intelligent Management Center
A faultinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7155 Expression Language Injection vulnerability in HP Intelligent Management Center
A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7154 Expression Language Injection vulnerability in HP Intelligent Management Center
A ifviewselectpage expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7153 Expression Language Injection vulnerability in HP Intelligent Management Center
A iccselectdevtype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7152 Expression Language Injection vulnerability in HP Intelligent Management Center
A faultparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7151 Expression Language Injection vulnerability in HP Intelligent Management Center
A faulttrapgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10
2020-10-19 CVE-2020-7150 Expression Language Injection vulnerability in HP Intelligent Management Center
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
 10.0
10