PT-2020-9235 · Hewlett Packard · Hpe Msa 2050 San Storage+5
Published
2020-04-17
·
Updated
2020-04-28
·
CVE-2019-12001
CVSS v2.0
7.1
High
| Vector | AV:N/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HPE MSA 2040 SAN Storage version GL225P001 and earlier
HPE MSA 1040 SAN Storage version GL225P001 and earlier
HPE MSA 1050 SAN Storage version VE270R001-01 and earlier
HPE MSA 2042 SAN Storage version GL225P001 and earlier
HPE MSA 2050 SAN Storage version VL270R001-01 and earlier
HPE MSA 2052 SAN Storage version VL270R001-01 and earlier
Description
A remote session reuse vulnerability leading to access restriction bypass was discovered. This issue allows for the bypass of access restrictions.
Recommendations
For HPE MSA 2040 SAN Storage version GL225P001 and earlier, update to a version later than GL225P001.
For HPE MSA 1040 SAN Storage version GL225P001 and earlier, update to a version later than GL225P001.
For HPE MSA 1050 SAN Storage version VE270R001-01 and earlier, update to a version later than VE270R001-01.
For HPE MSA 2042 SAN Storage version GL225P001 and earlier, update to a version later than GL225P001.
For HPE MSA 2050 SAN Storage version VL270R001-01 and earlier, update to a version later than VL270R001-01.
For HPE MSA 2052 SAN Storage version VL270R001-01 and earlier, update to a version later than VL270R001-01.
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hpe Msa 1040 San Storage
Hpe Msa 1050 San Storage
Hpe Msa 2040 San Storage
Hpe Msa 2042 San Storage
Hpe Msa 2050 San Storage
Hpe Msa 2052 San Storage