Vulnerability in Hpe Systems Insight Manager (Sim)
CVE-2020-7200
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution.
EPSS: 0.855 (99.4th percentile) — read the EPSS interpretation.
Affected products
- N/a Hpe Systems Insight Manager (Sim) — versions 7.6.x
Public proof-of-concept exploits
- alexfrancow/CVE-2020-7200
- rapid7/metasploit-framework
- ARPSyndicate/cvemon
- AdeliaNitzsche/Java-Deserialization-Cheat-Sheet
- BrittanyKuhn/javascript-tutorial
- GrrrDog/Java-Deserialization-Cheat-Sheet
- SexyBeast233/SecBooks
- anquanscan/sec-tools
- developer3000S/PoC-in-GitHub
- mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
References
- support.hpe.com/hpsc/doc/public/display (x_refsource_MISC)
- packetstormsecurity.com/files/161721/HPE-Systems-Insight-Manager-AMF-Deserializ… (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-7200?
- CVE-2020-7200 is a vulnerability in Hpe Systems Insight Manager (Sim). Published 2020-12-18.
- Is CVE-2020-7200 known to be exploited?
- 13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.