Vulnerabilities > Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-7147 Expression Language Injection vulnerability in HP Intelligent Management Center
A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7146 Expression Language Injection vulnerability in HP Intelligent Management Center
A devgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7145 Expression Language Injection vulnerability in HP Intelligent Management Center
A chooseperfview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7144 Expression Language Injection vulnerability in HP Intelligent Management Center
A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7143 Expression Language Injection vulnerability in HP Intelligent Management Center
A faultdevparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7142 Expression Language Injection vulnerability in HP Intelligent Management Center
A eventinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7141 Expression Language Injection vulnerability in HP Intelligent Management Center
A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-24652 Expression Language Injection vulnerability in HP Intelligent Management Center
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-24651 Expression Language Injection vulnerability in HP Intelligent Management Center
A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-24650 Expression Language Injection vulnerability in HP Intelligent Management Center
A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8