The vulnerability exists in all of the HP StoreVirtual systems, and HP said that there is no way to disable the mechanism right now. The company said the function is meant for remote support use, but acknowledged that it could also be an attack vector. The vulnerability is meant specifically to give support personnel the ability to access customer networks and StoreVirtual. The mechanism includes the requirement for the use of a one-time password. In June, HP released an advisory after a researcher posted details of the same kind of remote support access mechanism.
Source: https://threatpost.com/hp-to-patch-remote-backdoor-in-storevirtual-systems/101277/