HPE has fixed a maximum severity remote authentication bypass vulnerability affecting the company’s HPE StoreServ Management Console (SSMC) data center storage management solution. The patched vulnerability is tracked as CVE-2020-7197 and it affects HPE 3PAR StoreServ management and Core Software Media prior to 3.7.0.0. The vulnerability was rated by HPE as a 10/10 severity (10/10) vulnerability that allows threat actors with no privileges to exploit it as part of low complexity attacks that don’t require user interaction.
Source: https://www.bleepingcomputer.com/news/security/hpe-fixes-maximum-severity-remote-auth-bypass-bug-in-ssmc-console/