Vulnerabilities > HP > Intelligent Management Center > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-10-19 CVE-2020-24629 Improper Authentication vulnerability in HP Intelligent Management Center 7.2/7.3
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-287
critical
9.8
2020-10-19 CVE-2020-24646 Out-of-bounds Write vulnerability in HP Intelligent Management Center 7.2/7.3
A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-787
critical
9.8
2020-10-19 CVE-2020-24647 Improper Input Validation vulnerability in HP Intelligent Management Center 7.2/7.3
A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-20
critical
9.8
2020-10-19 CVE-2020-24648 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.2/7.3
A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-502
critical
9.8
2020-10-19 CVE-2020-24649 Improper Input Validation vulnerability in HP Intelligent Management Center 7.2/7.3
A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-20
critical
9.8
2020-10-19 CVE-2020-24650 Expression Language Injection vulnerability in HP Intelligent Management Center 7.2/7.3
A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-24651 Expression Language Injection vulnerability in HP Intelligent Management Center 7.2/7.3
A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-24652 Expression Language Injection vulnerability in HP Intelligent Management Center 7.2/7.3
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7141 Expression Language Injection vulnerability in HP Intelligent Management Center 7.2/7.3
A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8
2020-10-19 CVE-2020-7142 Expression Language Injection vulnerability in HP Intelligent Management Center 7.2/7.3
A eventinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-917
critical
9.8