Remote Authentication Bypass Vulnerability in HPE StoreServ Management Console (SSMC) 3.7.0.0

Remote Authentication Bypass Vulnerability in HPE StoreServ Management Console (SSMC) 3.7.0.0

CVE-2020-7197 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.

Learn more about our Web App Pen Testing.