HomesecurityHPE: Fixes a serious error in the SSMC console

HPE: Fixes a serious error in the SSMC console

Hewlett Packard Enterprise (HPE) has fixed a maximum severity remote authentication bypass vulnerability that affects the company's HPE StoreServ Management Console (SSMC) data center management solution.

HPE SSMC is a management and reporting console for HPE Primera (data storage for critical applications) and HPE 3PAR StoreServ systems (providers cloud services storage with AI technology).


Severity score 10/10

Vulnerability to bypass remote control identity referred to as CVE-2020-7197 and affects HP 3PAR StoreServ Management and Core Software Media prior to version

CVE-2020-7197 was assessed by the IPE as a maximum severity vulnerability (10/10) that allows threatening factors without the privilege of exploiting it as part of low-complexity attacks that do not require interaction to users.

To mitigate the defect, HPE recommends upgrading the HPE 3PAR StoreServ (SSMC) management console to version or later.

You can do it for free λήψη of SSMC from the portal HPE Mylicense from all customers with a HP Passport account.

“This SSMC version includes major security bug fixes and enhancements quality which strengthen the security attitude of SSMC devices ", says the changelog.

"HPE strongly recommends that upgrade the SSMC device in this version. "

The critical SSMC vulnerability was identified and reported by Elwood Buck of the MindPoint Group, according to the US security advisory.

HP did not provide any other details regarding the internal functions of the security defect or information on the attacks that exploited the error.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.