All the vulnerabilites related to hp - simplivity_380_gen10_h
Vulnerability from fkie_nvd
Published
2021-05-25 15:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo xss remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29211",
"lastModified": "2024-11-21T06:00:50.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T15:15:07.497",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 15:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de un xss dom y una inyecci\u00f3n remota de crlf en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29209",
"lastModified": "2024-11-21T06:00:49.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T15:15:07.443",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo xss remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29201",
"lastModified": "2024-11-21T06:00:48.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.570",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 15:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de un xss dom y una inyecci\u00f3n remota de crlf en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29208",
"lastModified": "2024-11-21T06:00:49.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T15:15:07.417",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo XSS remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29205",
"lastModified": "2024-11-21T06:00:49.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.663",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo XSS remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29204",
"lastModified": "2024-11-21T06:00:49.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.637",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo XSS remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29207",
"lastModified": "2024-11-21T06:00:49.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.730",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 15:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de un xss dom y una inyecci\u00f3n remota de crlf en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29210",
"lastModified": "2024-11-21T06:00:49.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T15:15:07.470",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de desbordamiento del b\u00fafer local en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29202",
"lastModified": "2024-11-21T06:00:48.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.607",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 14:15
Modified
2024-11-21 06:00
Severity ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E25CDBB-3C9D-4AAB-BA21-0346546AA369",
"versionEndExcluding": "2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F05331F2-DF6B-4CD3-9BA4-B97A34746509",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD145EB4-A7F3-4A6D-A782-080507068D45",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E00679-A2A7-4A51-9764-462BF479F423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDF28CD-B01A-4C31-B62A-0472AD96D255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F7BC4-EAA0-47EB-A66A-B5BC60620E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58196CA6-BA67-4361-8056-B52B1A323E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF5E039-BBBF-42A4-8F57-CB2B7E65D763",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D857745-3DBE-4B0A-ACE3-0159EB3D0121",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00D87480-CB71-4BB0-A034-41B3AA9F10A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81B8CA7A-F115-4932-A932-F61180E79A72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A13A066-1BC1-43D3-BBCC-499F1C1C864A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4D8959-5623-4211-BE1B-80E6557D61F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA60F7D-DD77-4DED-B13B-C59025FCF3A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C077CA8B-F758-4D35-BFBA-9350586BBB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:simplivity_380_gen10_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2DAFA4-2B9B-455D-9ABD-28D3E36859F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad de tipo xss remota en HPE Integrated Lights-Out 4 (iLO 4);\u0026#xa0;HPE SimpliVity 380 Gen9;\u0026#xa0;HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10;\u0026#xa0;HPE SimpliVity 380 Gen10;\u0026#xa0;HPE SimpliVity 2600;\u0026#xa0;HPE SimpliVity 380 Gen10 G;\u0026#xa0;HPE SimpliVity 325;\u0026#xa0;Versiones de HPE SimpliVity 380 Gen10 H: anterior a versi\u00f3n 2.78"
}
],
"id": "CVE-2021-29206",
"lastModified": "2024-11-21T06:00:49.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T14:15:07.693",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-29205
Vulnerability from cvelistv5
Published
2021-05-25 13:37
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:43",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29205",
"datePublished": "2021-05-25T13:37:43",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29202
Vulnerability from cvelistv5
Published
2021-05-25 13:24
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:50.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:19",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29202",
"datePublished": "2021-05-25T13:24:19",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:50.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29201
Vulnerability from cvelistv5
Published
2021-05-25 13:24
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:14",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29201",
"datePublished": "2021-05-25T13:24:14",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29206
Vulnerability from cvelistv5
Published
2021-05-25 13:53
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:25",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29206",
"datePublished": "2021-05-25T13:53:25",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29210
Vulnerability from cvelistv5
Published
2021-05-25 14:11
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:03",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29210",
"datePublished": "2021-05-25T14:11:03",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29204
Vulnerability from cvelistv5
Published
2021-05-25 13:37
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:40",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29204",
"datePublished": "2021-05-25T13:37:40",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29211
Vulnerability from cvelistv5
Published
2021-05-25 14:11
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:09",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29211",
"datePublished": "2021-05-25T14:11:09",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29207
Vulnerability from cvelistv5
Published
2021-05-25 13:53
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:29",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29207",
"datePublished": "2021-05-25T13:53:29",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29208
Vulnerability from cvelistv5
Published
2021-05-25 14:32
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:42",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29208",
"datePublished": "2021-05-25T14:32:42",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-29209
Vulnerability from cvelistv5
Published
2021-05-25 14:32
Modified
2024-08-03 22:02
Severity ?
EPSS score ?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Version: Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78 Version: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Version: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:49",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29209",
"datePublished": "2021-05-25T14:32:49",
"dateReserved": "2021-03-25T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}