Hi,
I guess the vulnerability assessment is related to CVE-2020-11022.
This has been patched in MSA controller firmware version IN110R001/IN110P001.
IN110P001 is the latest version firmware.
IN110R001 advisory:
https://support.hpe.com/hpesc/public/docDisplay?docId=a00116687en_us&docLocale=en_US
MSA controllers feature JQuery 3.2.1 with the patches to mitigate CVE-2020-11022.
Vulnerability scanner is probably not taking into consideration that the issue has been patched and just say "you don't have 3.5.0 therefore you are open to this CVE".
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Hi,
We would like to know if the information shared addressed your query.
Request you to please respond with a Yes/No
You may also click on "Accept as a Solution" button if the issue is resolved.
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Hello @imranmohdkhan,
Thank you for writing to us.
You might want to consider creating a new topic by utilizing the "New Discussion" button, as this will not only enhance visibility compared to the old topic but also boost your chances of receiving responses from experts.
Thanks,
Sunitha G
I'm an HPE employee.
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]