Incorrect authentication vulnerability in HP StoreServ Management Console allows ransomware to encrypt its storage

Cybersecurity specialists reported the detection of an improper authentication vulnerability in HPE StoreServ Management Console, from HP tech company. It appears that exploiting this flaw would allow threat actors to evade security controls on the affected deployment.

HPE SSMC is the Management and Reporting Console for HPE Primera Data Center Arrays (Data Warehouse for Mission-Critical Applications) and HPE 3PAR StoreServ Systems (AI Cloud Storage Providers).

La imagen tiene un atributo ALT vacío; su nombre de archivo es vulnerability.jpg

Tracked as CVE-2020-7197, this failure allows a remote attacker to elude the authentication process. The vulnerability exists due to an error processing authentication requests in HPE 3PAR StoreServ Management and Core Software Media. A remote attacker can bypass the authentication process and gain unauthorized access to the application.

Hewlett Packard Enterprise (HPE) has resolved a critical remote authentication bypass vulnerability (CVE-2020-7197) in HPE StoreServ Management Console (SSMC) data center storage management solutions.

The Fixed Remote Authentication Bypass vulnerability affects HPE 3PAR StoreServ Management and Core Software Media versions and later. The problem achieved a maximum of 10 on the CVSS scale, and its exploitation allows non privileged attackers to exploit it in low-complexity attacks that do not require user interaction.

Users are strongly encouraged to upgrade HPE 3PAR StoreServ Management Console (SSMC) to version or earlier.