All the vulnerabilites related to hpe - cloudline_cl5200_gen9_server
cve-2021-25128
Vulnerability from cvelistv5
Published
2021-01-29 18:34
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice gethelpdata_func function path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:34:41",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice gethelpdata_func function path traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25128",
"datePublished": "2021-01-29T18:34:41",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25123
Vulnerability from cvelistv5
Published
2021-01-29 12:30
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice addlicense_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T12:30:08",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice addlicense_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25123",
"datePublished": "2021-01-29T12:30:08",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25132
Vulnerability from cvelistv5
Published
2021-01-29 18:37
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice setmediaconfig_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:37:31",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice setmediaconfig_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25132",
"datePublished": "2021-01-29T18:37:31",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25134
Vulnerability from cvelistv5
Published
2021-01-29 18:43
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "spx_restservice setremoteimageinfo_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:43:17",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "spx_restservice setremoteimageinfo_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25134",
"datePublished": "2021-01-29T18:43:17",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7205
Vulnerability from cvelistv5
Published
2020-07-30 17:27
Modified
2024-08-04 09:25
Severity ?
EPSS score ?
Summary
A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the "Boot Hole" issue for HPE signed GRUB2 applications.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04020en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | HP Intelligent Provisioning |
Version: Gen8 - Prior to 1.72 Version: Gen9 - Prior to 2.81 Version: Gen10 and Gen10 Plus v3.30 or earlier Version: v3.31 Version: v3.40. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Intelligent Provisioning",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Gen8 - Prior to 1.72"
},
{
"status": "affected",
"version": "Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "Gen10 and Gen10 Plus v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40."
}
]
},
{
"product": "HPE ProLiant BL460c Gen9 Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant BL660c Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL180 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL60 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL80 Gen9 Server ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML110 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML150 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL740f Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL750f Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Apollo 4200 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL20 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL560 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML30 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML350 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL170r Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL190r Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL230a Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL250a Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL260a Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL450 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL730f Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "ProLiant SE2160w Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant m510 Server Cartridge",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant m710x Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant BL460c Gen10 Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL360 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL380 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL560 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL580 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML110 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant MicroServer Gen10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 480 Gen10 Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 660 Gen10 Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL180 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL160 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL120 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL270d Gen9 Special Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL385 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 660 Gen9 Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 480 Gen9 Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant WS460c Gen9 Graphics Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HP ProLiant DL580 Gen8 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen8 - Prior to 1.72"
},
{
"status": "affected",
"version": "SPP - Prior to Gen8.1. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 620 Gen9 Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML350 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL580 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL360 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL170r Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL2100 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL2200 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL3100 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL3150 Gen10 Server (AMD)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML10 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL120 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL380 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Service Pack for ProLiant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to Version 2020.03.0"
}
]
},
{
"product": "HPE ProLiant DL160 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL270d Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL5800 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL5200 Gen9 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL4100 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL3100 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Apollo 4200 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL325 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant ML30 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL20 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE StoreEasy 1000 Storage Gen9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE StoreEasy 1000 Storage Gen10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE SimpliVity 380 Gen10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE SimpliVity 2600 Gen10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL2600 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL2800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant e910 Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant m750 Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant m710x-L Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant MicroServer Gen10 Plus",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL450 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL230k Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL190r Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE SmartStart Scripting Toolkit Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to Version 11.40"
}
]
},
{
"product": "HPE Apollo 2000 Gen10 Plus System",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL385 Gen10 Plus server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DL325 Gen10 Plus server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant DX385 Gen10 Plus server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL220n Gen10 Plus Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL290n Gen10 Plus Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE Synergy 480 Gen10 Plus Compute Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant XL925g Gen10 Plus 1U 4-node Configure-to-order Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"status": "affected",
"version": "v3.31"
},
{
"status": "affected",
"version": "v3.40"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
},
{
"product": "HPE ProLiant e910t Server Blade",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IP - Gen9 - Prior to 2.81"
},
{
"status": "affected",
"version": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the \"Boot Hole\" issue for HPE signed GRUB2 applications."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T17:27:10",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2020-7205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Intelligent Provisioning",
"version": {
"version_data": [
{
"version_value": "Gen8 - Prior to 1.72"
},
{
"version_value": "Gen9 - Prior to 2.81"
},
{
"version_value": "Gen10 and Gen10 Plus v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40."
}
]
}
},
{
"product_name": "HPE ProLiant BL460c Gen9 Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant BL660c Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL180 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL60 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL80 Gen9 Server ",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML110 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML150 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL740f Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL750f Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Apollo 4200 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL20 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL560 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML30 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML350 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL170r Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL190r Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL230a Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL250a Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL260a Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL450 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL730f Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "ProLiant SE2160w Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant m510 Server Cartridge",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant m710x Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant BL460c Gen10 Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL360 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL380 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL560 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL580 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML110 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant MicroServer Gen10",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 480 Gen10 Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 660 Gen10 Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL180 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL160 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL120 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL270d Gen9 Special Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL385 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 660 Gen9 Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 480 Gen9 Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant WS460c Gen9 Graphics Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HP ProLiant DL580 Gen8 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen8 - Prior to 1.72"
},
{
"version_value": "SPP - Prior to Gen8.1. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 620 Gen9 Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML350 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL580 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL360 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL170r Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL2100 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL2200 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL3100 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL3150 Gen10 Server (AMD)",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML10 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL120 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL380 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Service Pack for ProLiant",
"version": {
"version_data": [
{
"version_value": "Prior to Version 2020.03.0"
}
]
}
},
{
"product_name": "HPE ProLiant DL160 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL270d Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL5800 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL5200 Gen9 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL4100 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL3100 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Apollo 4200 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL325 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant ML30 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL20 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE StoreEasy 1000 Storage Gen9",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE StoreEasy 1000 Storage Gen10",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE SimpliVity 380 Gen10",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE SimpliVity 2600 Gen10",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL2600 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL2800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant e910 Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant m750 Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant m710x-L Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant MicroServer Gen10 Plus",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL450 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL230k Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL190r Gen10 Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE SmartStart Scripting Toolkit Software",
"version": {
"version_data": [
{
"version_value": "Prior to Version 11.40"
}
]
}
},
{
"product_name": "HPE Apollo 2000 Gen10 Plus System",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL385 Gen10 Plus server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DL325 Gen10 Plus server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant DX385 Gen10 Plus server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL220n Gen10 Plus Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL290n Gen10 Plus Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE Synergy 480 Gen10 Plus Compute Module",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant XL925g Gen10 Plus 1U 4-node Configure-to-order Server",
"version": {
"version_data": [
{
"version_value": "IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier"
},
{
"version_value": "v3.31"
},
{
"version_value": "v3.40"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
},
{
"product_name": "HPE ProLiant e910t Server Blade",
"version": {
"version_data": [
{
"version_value": "IP - Gen9 - Prior to 2.81"
},
{
"version_value": "SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the \"Boot Hole\" issue for HPE signed GRUB2 applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2020-7205",
"datePublished": "2020-07-30T17:27:10",
"dateReserved": "2020-01-16T00:00:00",
"dateUpdated": "2024-08-04T09:25:48.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25135
Vulnerability from cvelistv5
Published
2021-01-29 18:45
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice setsmtp_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:45:18",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice setsmtp_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25135",
"datePublished": "2021-01-29T18:45:18",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25137
Vulnerability from cvelistv5
Published
2021-01-29 18:41
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice startflash_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:41:36",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice startflash_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25137",
"datePublished": "2021-01-29T18:41:36",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25126
Vulnerability from cvelistv5
Published
2021-01-29 18:08
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice downloadkvmjnlp_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:08:28",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice downloadkvmjnlp_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25126",
"datePublished": "2021-01-29T18:08:28",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25136
Vulnerability from cvelistv5
Published
2021-01-29 18:46
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "spx_restservice setsolvideoremotestorage_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:46:36",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "spx_restservice setsolvideoremotestorage_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25136",
"datePublished": "2021-01-29T18:46:36",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25129
Vulnerability from cvelistv5
Published
2021-01-29 18:11
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice getvideodata_func function path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:11:47",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice getvideodata_func function path traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25129",
"datePublished": "2021-01-29T18:11:47",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25125
Vulnerability from cvelistv5
Published
2021-01-29 18:10
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice delsolrecordedvideo_func function path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:10:21",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice delsolrecordedvideo_func function path traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25125",
"datePublished": "2021-01-29T18:10:21",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25131
Vulnerability from cvelistv5
Published
2021-01-29 18:36
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice setfwimagelocation_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:36:06",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice setfwimagelocation_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25131",
"datePublished": "2021-01-29T18:36:06",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25138
Vulnerability from cvelistv5
Published
2021-01-29 18:03
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice uploadsshkey function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:03:43",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice uploadsshkey function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25138",
"datePublished": "2021-01-29T18:03:43",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25124
Vulnerability from cvelistv5
Published
2021-01-29 18:06
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice deletevideo_func function path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:06:42",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice deletevideo_func function path traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25124",
"datePublished": "2021-01-29T18:06:42",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25133
Vulnerability from cvelistv5
Published
2021-01-29 18:38
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice setradiusconfig_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:38:49",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice setradiusconfig_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25133",
"datePublished": "2021-01-29T18:38:49",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25130
Vulnerability from cvelistv5
Published
2021-01-29 18:40
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice setactdir_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:40:12",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice setactdir_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25130",
"datePublished": "2021-01-29T18:40:12",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25127
Vulnerability from cvelistv5
Published
2021-01-29 18:33
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server |
Version: Version. 1.09.0.0 Version: Version 1.07.0.0 Version: Version 1.10.0.0 Version: Version 1.10.0.0 Version: Version 1.08.0.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:10.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version. 1.09.0.0"
},
{
"status": "affected",
"version": "Version 1.07.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.10.0.0"
},
{
"status": "affected",
"version": "Version 1.08.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local spx_restservice generatesslcertificate_func function buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T18:33:16",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-25127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
"version": {
"version_data": [
{
"version_value": "Version. 1.09.0.0"
},
{
"version_value": "Version 1.07.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.10.0.0"
},
{
"version_value": "Version 1.08.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local spx_restservice generatesslcertificate_func function buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-25127",
"datePublished": "2021-01-29T18:33:16",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:56:10.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setmediaconfig_func de spx_restservice"
}
],
"id": "CVE-2021-25132",
"lastModified": "2024-11-21T05:54:24.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.960",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setsmtp_func de spx_restservice"
}
],
"id": "CVE-2021-25135",
"lastModified": "2024-11-21T05:54:25.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.163",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-30 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the "Boot Hole" issue for HPE signed GRUB2 applications.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "457F590D-983B-4E3D-ACD5-6803C0D133FE",
"versionEndExcluding": "1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen8_blade_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE3D597-87C8-4CA6-83F6-53F7717AE704",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen8_blade_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F591613-DFDF-449B-B10F-986B0465C881",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "346996C3-E131-4BE0-9261-E32D0567F795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFBB73F-EAF7-47A2-BD06-FC31172E05B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47779C63-CDE4-4BE6-96BA-CBD118E027ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D81703-DB67-4650-959B-8787ED450AE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE425FF-B87E-40D6-A85F-7740418B3A9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl385p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "136BEE6B-E5C0-40DC-9789-19AB131A9030",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CED1122-4927-4665-8D6B-A6C986ED6252",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "407DB236-65BF-4B41-9C75-4D5BC246A905",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7791C8B1-D949-4AEE-8BC5-40FECA8FBC7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml350e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92436412-45F8-49EB-B02E-5405F21B42EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB075F0-2825-43F5-BA0A-8348A082580C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6795F47-30A0-4433-96FD-808AAF536F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533312DC-3EB0-4F15-B7A6-BFCE5CFABC6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361590CD-06A8-4BDF-9C24-053F31468A53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_sl4540_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE3EB0B-7828-4383-A1CB-650B59C9F19F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD07DCA-B8AF-409F-A902-AE66CB450152",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F50030-ACB6-4C68-A256-F75679C61F71",
"versionEndExcluding": "2.81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C739A64-40D4-4E05-B401-F9A8E23689A0",
"versionEndExcluding": "2020.03.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "BAD81C97-029F-477F-B6D2-B212F5646238",
"versionEndExcluding": "11.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C20D38E9-B2EA-4ECC-B9EC-D29BB249AC77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_4520_chassis:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12F3BD74-5F29-4EC3-9D05-53060D5439AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B1AB81-D2AB-4635-9C31-8A3435CA8DEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D230E7A-D852-4040-83CF-164AA3233F00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen9_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "283E77B1-C09F-4A4F-A4ED-3CEED3F619F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B65F98-15A8-48FA-A836-97430AF183EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AD90B1-F95C-4A74-AAD5-684C0E0DCBC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E4F18F-55E2-4829-A1EF-881D06CC5481",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31223B01-2107-479B-AC77-1C31BBE2F96C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34A65EC0-14C7-4838-913D-8EF11144A85B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F6D2D0-482F-4B2F-AF78-82BC56704E8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl388_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72B02E9-DE68-4923-835F-EE62AFDF6158",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2068295-B73A-4C01-8351-C2D8B957845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EB6796-FE83-42EB-84FF-F405289EE0B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F7E5C6-201B-4268-9CA7-13BBA1E74DF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF640F8-B432-40DA-93C8-77D8351CB390",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "174EF59C-18A6-4490-A23A-76E74C1D2AFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_m510_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D32FDE1-231C-4B62-97C3-88902ABC9EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_m710x-l_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D869E108-8DE7-4C90-A6B8-42A400F26595",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_m710x_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A215D533-1739-43B9-B7C4-8F5012B64102",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E79D5665-6654-4AF7-A3DE-7F338067E8C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml10_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDAC0B-39A9-41FF-99AA-66A4422EFE53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3268D0-1F66-47BA-972C-21E809DC2F2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2703B986-0709-4D89-8CAF-7C3FB63D7D3F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E7C549-3A1B-40DE-A1FC-0BC62040E4C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB05A81-BDF5-4D6C-B9E3-1894703F1CC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_se2160w_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4587CAC-DED6-40CB-AC35-EA8E5650027E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E10A5D-7C64-460A-9DBE-E5BCBBFDE6C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58AE85AC-1062-42E2-8142-9BC754D51035",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BA2C97-7AAB-4A55-B487-522715BDC80C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA80708D-3219-4D54-B167-105DDEC5B85D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E62FEEB-A62D-42F4-A713-4CEAFF9B158E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl260a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B488E17A-78BE-4B1B-BB22-9800DA0BC0A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl270d_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3844A137-DC09-4FEA-BB3F-CBC3E9046C6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEE8B85-1F21-418F-B2D3-90151F6423BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C838C36-FFF2-4C90-8BF1-21984D6C9C88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EBB97C-4A68-4276-BFF2-93D58F6F1CA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "425FCBD4-A94B-4AE5-B002-258CE1FE97FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1000_storage_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6394FEE7-9D5A-453D-815E-6EFCFFB04AF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BE9486-493D-495E-8CFA-1E79FE57457C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "789F7158-51DE-4344-BD8A-1249BFE0158B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0163D6F2-5E24-4741-BEF3-7B671A10CA08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBAD3B0-D47D-4E05-96D1-28A989E118CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_d3940_storage_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A6DEE0-9327-4179-BEBA-2884B4070C7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA52CD1-7C72-449E-9F32-87279C4AAAFE",
"versionEndIncluding": "3.30.213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:intelligent_provisioning:3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "51EEF7B6-4433-4214-B6F7-1621371D9DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:intelligent_provisioning:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "7A489940-ACCA-4B1F-869E-F9D4BC8176F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C739A64-40D4-4E05-B401-F9A8E23689A0",
"versionEndExcluding": "2020.03.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "BAD81C97-029F-477F-B6D2-B212F5646238",
"versionEndExcluding": "11.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03743177-70D4-442B-B59F-43912385CC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB818A6-80D5-4DD7-8E0D-EC25764A0693",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25418088-0890-401E-837C-611154B2C433",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_6500_gen10_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC09C72C-0BD3-4DB1-96C6-72F2330D4165",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl2100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90ED4DF-0229-430D-A600-B2A777C73A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl2200_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "739EDD3F-4955-4B2D-A8E8-A092FB10BEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl2600_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75304B66-21EA-4857-8B6C-B32D0457744A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl2800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7A743B-F9E2-4B70-94C2-920F2B7D18E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3150_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEDEF98-0D2B-4B9F-AAA6-305043D14F19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C25FD273-0E16-4975-985C-8BD96AE0D449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5876FB45-B037-4355-BAE9-69157FD0A402",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C77CAF-0A18-4447-93BD-C64595475E37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08D81BA5-E5D8-4D42-8C42-A91063008359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D52EA-CE63-47AF-993D-265163B5B38E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93765BE7-D8C2-48C8-9ADA-A7C36B993D95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD08B95A-240C-436E-91B5-2D594F6F1F07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8545248A-2943-4B8D-A295-BE7D43492BC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3845235-CAFC-4FB3-AB26-F0E8A8815F88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8389F7F-7653-4695-91CC-DCFACC870094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419470B4-80EF-46BF-8DB4-6569D3E8435F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7591DA99-B0CA-4A23-A8C5-C6D9084C2329",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1642BAB-2EC5-4E89-86DE-7B9BECA4F6CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26D8AA54-634D-4870-AC5E-BD8F70EDB83D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8768C-5E7D-4C11-8C49-182CC1D643B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594B767B-41AB-436A-AF2C-10185E1161F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B00D29DB-B073-4C5A-934D-87A311D57657",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5869DE25-F914-48E0-8AFF-72C463E99084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_microserver_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4A379-205A-479C-9C82-B182AEAEB8B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8B5AC2-7889-4654-88D2-289CE20A4ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32875E-11E3-443E-809C-12CCAE574570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C24685-FEE2-494F-9806-56477E62FD1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DE16BA-939E-4C26-B03B-439E60C7C872",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B224273-2E15-41F2-84D6-D754F6B76B49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACD7139-05F6-4D60-BB0F-9AA6952720CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01181BEB-DE0B-49AA-B632-91B40046120F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50247A44-3EA0-4B4B-9AB6-64D9B470F190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A21F0B8-D613-46CD-BAEC-5CD876FD5352",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl270d_gen9_special_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D87F1F6-28DA-433A-B43E-D105EE2B5EBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4435D5C3-A7CB-4EA6-87A9-6026DAC8DA47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl2x260w_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72F58441-4DFB-42F3-AA93-500AAF712D1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD81201-ECD9-4E9F-A6F0-7EAEB1DA9891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3D137A-E744-4543-83DF-7B0E01F4456C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:simplivity_2600_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E80FF0-0B78-4F6C-AB11-0F3CAEDED7E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:simplivity_325_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29CA0D40-ECCC-4252-8CC3-7A1816301F43",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7642DB17-72A4-4762-900F-D4F3B8AEAB1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1000_storage_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D3EB14-1FB5-4080-8CA1-B5549DC2678E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "853AF641-B81C-4FB7-89AB-EACF420F0C62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_480_gen10_plus_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F15301B-B695-4DC8-9EE5-517AC2E64778",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19188281-533B-450E-84F1-089F3300D08E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the \"Boot Hole\" issue for HPE signed GRUB2 applications."
},
{
"lang": "es",
"value": "Se identific\u00f3 una posible vulnerabilidad de seguridad en HPE Intelligent Provisioning, Service Pack para ProLiant y HPE Scripting ToolKit. La vulnerabilidad podr\u00eda ser explotada localmente para permitir una ejecuci\u00f3n de c\u00f3digo arbitraria durante el proceso de arranque. ** Nota: ** Esta vulnerabilidad est\u00e1 relacionada con el uso de insmod en GRUB2 en el producto HPE afectado espec\u00edfico y HPE est\u00e1 abordando este problema. HPE ha realizado las siguientes actualizaciones de software e informaci\u00f3n de mitigaci\u00f3n para resolver la vulnerabilidad en Intelligent Provisioning, Service Pack para ProLiant y HPE Scripting ToolKit. HPE proporcion\u00f3 la \u00faltima versi\u00f3n de Intelligent Provisioning, Service Pack para ProLiant y HPE Scripting Toolkit, que incluye el parche de GRUB2 para resolver esta vulnerabilidad. Estas nuevas im\u00e1genes de arranque actualizar\u00e1n GRUB2 y la base de datos de firmas prohibidas (DBX). Una vez que la DBX est\u00e1 actualizada, los usuarios no ser\u00e1n capaces de iniciar desde el antiguo IP, SPP o Scripting ToolKit con Secure Boot habilitado. HPE ha proporcionado una herramienta de actualizaci\u00f3n DBX dedicada para trabajar con Microsoft Windows y sistemas operativos Linux compatibles. Estas herramientas puede ser usadas para actualizar la Forbidden Signature Database (DBX) desde el Sistema Operativo. **Nota:** Esta actualizaci\u00f3n de DBX mitiga el problema de GRUB2 con insmod habilitado y el problema \"Boot Hole\" para las aplicaciones GRUB2 firmadas por HPE"
}
],
"id": "CVE-2020-7205",
"lastModified": "2024-11-21T05:36:49.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-30T18:15:11.737",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04020en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setsolvideoremotestorage_func de spx_restservice"
}
],
"id": "CVE-2021-25136",
"lastModified": "2024-11-21T05:54:25.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.223",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta una vulnerabilidad de salto de ruta local en la funci\u00f3n getvideodata_func de spx_restservice"
}
],
"id": "CVE-2021-25129",
"lastModified": "2024-11-21T05:54:24.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.757",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setremoteimageinfo_func de spx_restservice"
}
],
"id": "CVE-2021-25134",
"lastModified": "2024-11-21T05:54:25.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.100",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setradiusconfig_func de spx_restservice"
}
],
"id": "CVE-2021-25133",
"lastModified": "2024-11-21T05:54:25.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.020",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n uploadsshkey de spx_restservice"
}
],
"id": "CVE-2021-25138",
"lastModified": "2024-11-21T05:54:25.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.350",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setfwimagelocation_func de spx_restservice"
}
],
"id": "CVE-2021-25131",
"lastModified": "2024-11-21T05:54:24.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.880",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n downloadkvmjnlp_func de spx_restservice"
}
],
"id": "CVE-2021-25126",
"lastModified": "2024-11-21T05:54:24.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.553",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n generaslcertificate_func de spx_restservice"
}
],
"id": "CVE-2021-25127",
"lastModified": "2024-11-21T05:54:24.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.630",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 13:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n addlicense_func de spx_restservice"
}
],
"id": "CVE-2021-25123",
"lastModified": "2024-11-21T05:54:23.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T13:15:12.480",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server, el firmware HPE Cloudline CL5800 Gen10 Server BMC, presenta una vulnerabilidad de salto de ruta local en la funci\u00f3n gethelpdata_func de spx_restservice"
}
],
"id": "CVE-2021-25128",
"lastModified": "2024-11-21T05:54:24.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.697",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n startflash_func de spx_restservice"
}
],
"id": "CVE-2021-25137",
"lastModified": "2024-11-21T05:54:25.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:14.287",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta una vulnerabilidad de salto de ruta local en la funci\u00f3n deletevideo_func de spx_restservice"
}
],
"id": "CVE-2021-25124",
"lastModified": "2024-11-21T05:54:24.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.427",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta una vulnerabilidad de salto de ruta local en la funci\u00f3n delsolrecordedvideo_func de spx_restservice"
}
],
"id": "CVE-2021-25125",
"lastModified": "2024-11-21T05:54:24.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.490",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-29 19:15
Modified
2024-11-21 05:54
Severity ?
Summary
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hpe | cloudline_cl3100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl3100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl3100_gen10_server | - | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl4100_gen10_server_firmware | 1.10.0.0 | |
| hpe | cloudline_cl4100_gen10_server | - | |
| hpe | cloudline_cl5200_gen9_server_firmware | 1.07.0.0 | |
| hpe | cloudline_cl5200_gen9_server | - | |
| hpe | cloudline_cl5800_gen10_server_firmware | 1.08.0.0 | |
| hpe | cloudline_cl5800_gen10_server | - | |
| hpe | cloudline_cl5800_gen9_server_firmware | 1.09.0.0 | |
| hpe | cloudline_cl5800_gen9_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4441-34A1-4BBF-9EB4-1FC94D1736F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D130324-445C-47F1-993E-387399A9AEB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB48BA1-2048-42F4-A195-F910B875196B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81ACE979-5E08-40CC-A33B-F602FE14CCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C211F7F-A1E9-4851-A26F-B83B57C32133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD84248-F258-4F3A-BD05-E474FE7D6697",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "190FEC40-B9DA-48D6-8DB2-9D524A8FD088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8BB0745-54DA-4792-B570-AE037E7C38D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D91102-123F-4009-AB13-BE897220BACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5410F9D6-9040-4155-A499-30B1814BF36B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359672-5A70-4D99-972D-9A84A518B8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "149886B8-4820-4D7F-ACA6-68FE3DE32D18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function."
},
{
"lang": "es",
"value": "El Baseboard Management Controller (BMC) en HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server, el firmware de BMC presenta un desbordamiento del b\u00fafer local en la funci\u00f3n setactdir_func de spx_restservice"
}
],
"id": "CVE-2021-25130",
"lastModified": "2024-11-21T05:54:24.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-29T19:15:13.817",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04073en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}