Hewlett Packard Enterprise is urging customers to patch one of its premier edge application management tools that could allow an attacker to carry out a remote authentication bypass attack. The bug impacts all versions of HPE s Edgeline Infrastructure Manager (EIM) prior to version 1.21.21. Users are urged to update to HPE EIM v1.22 or later to fix the bug. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.
Source: https://threatpost.com/hewlett-packard-critical-bug-edge/165797/