CVE-2020-7207 (GCVE-0-2020-7207)

Vulnerability from cvelistv5 – Published: 2020-11-05 20:14 – Updated: 2024-08-04 09:25
VLAI?
Summary
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.
Severity ?
No CVSS data available.
CWE
  • local elevation of privilege
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a HPE ProLiant BL460c Gen10 Server Blade; HPE ProLiant DL360 Gen10 Server; HPE ProLiant DL380 Gen10 Server; HPE ProLiant DL560 Gen10 Server; HPE ProLiant DL580 Gen10 Server; HPE ProLiant ML110 Gen10 Server; HPE ProLiant XL230k Gen10 Server; HPE Synergy 480 Gen10 Compute Module; HPE Synergy 660 Gen10 Compute Module; HPE ProLiant DL180 Gen10 Server; HPE ProLiant DL160 Gen10 Server; HPE ProLiant DL120 Gen10 Server; HPE ProLiant XL190r Gen10 Server; HPE ProLiant ML350 Gen10 Server; HPE ProLiant XL170r Gen10 Server; HPE Apollo 2000 System; HPE Apollo 4500 System; HPE ProLiant XL270d Gen10 Server; HPE Apollo 4200 Gen10 Server; HPE ProLiant e910 Server Blade; HPE ProLiant XL450 Gen10 Server; HPE ProLiant XL230k Gen10 Server - bad oid Affected: all current IE firmware
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:25:48.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HPE ProLiant BL460c Gen10 Server Blade; HPE ProLiant DL360 Gen10 Server; HPE ProLiant DL380 Gen10 Server; HPE ProLiant DL560 Gen10 Server; HPE ProLiant DL580 Gen10 Server; HPE ProLiant ML110 Gen10 Server; HPE ProLiant XL230k Gen10 Server; HPE Synergy 480 Gen10 Compute Module; HPE Synergy 660 Gen10 Compute Module; HPE ProLiant DL180 Gen10 Server; HPE ProLiant DL160 Gen10 Server; HPE ProLiant DL120 Gen10 Server; HPE ProLiant XL190r Gen10 Server; HPE ProLiant ML350 Gen10 Server; HPE ProLiant XL170r Gen10 Server; HPE Apollo 2000 System; HPE Apollo 4500 System; HPE ProLiant XL270d Gen10 Server; HPE Apollo 4200 Gen10 Server; HPE ProLiant e910 Server Blade; HPE ProLiant XL450 Gen10 Server; HPE ProLiant XL230k Gen10 Server - bad oid",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "all current IE firmware"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local elevation of privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-05T20:14:32",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2020-7207",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HPE ProLiant BL460c Gen10 Server Blade; HPE ProLiant DL360 Gen10 Server; HPE ProLiant DL380 Gen10 Server; HPE ProLiant DL560 Gen10 Server; HPE ProLiant DL580 Gen10 Server; HPE ProLiant ML110 Gen10 Server; HPE ProLiant XL230k Gen10 Server; HPE Synergy 480 Gen10 Compute Module; HPE Synergy 660 Gen10 Compute Module; HPE ProLiant DL180 Gen10 Server; HPE ProLiant DL160 Gen10 Server; HPE ProLiant DL120 Gen10 Server; HPE ProLiant XL190r Gen10 Server; HPE ProLiant ML350 Gen10 Server; HPE ProLiant XL170r Gen10 Server; HPE Apollo 2000 System; HPE Apollo 4500 System; HPE ProLiant XL270d Gen10 Server; HPE Apollo 4200 Gen10 Server; HPE ProLiant e910 Server Blade; HPE ProLiant XL450 Gen10 Server; HPE ProLiant XL230k Gen10 Server - bad oid",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "all current IE firmware"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local elevation of privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us",
              "refsource": "MISC",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2020-7207",
    "datePublished": "2020-11-05T20:14:32",
    "dateReserved": "2020-01-16T00:00:00",
    "dateUpdated": "2024-08-04T09:25:48.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:apollo_2000_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A79CFC7D-7D39-4FBA-8313-14A096A776EB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:apollo_2000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9FF05F7-F7FC-4817-805B-A69B22BBEDFC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:apollo_4200_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB2D71E9-69F0-4189-9EAF-3E8355874D21\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:apollo_4200_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF5A726F-CDA8-4804-AE63-B5C156574614\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:apollo_4500_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2177A2E1-006E-4A4F-AA8D-EB28541F4A56\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:apollo_4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68B6BCFC-3AF2-4282-93F8-F64CE98FDC4B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl230k_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"951FFEA5-1A35-4E9F-B7A6-1B18ADEFB0C4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85739B50-AA18-4097-8EAA-3A750EE38AE6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl270d_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E0DEAA8-BD1A-4A1C-B9EE-DDE64DFED8F7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl270d_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F114945A-DDC6-4CCB-B368-B60F5780F0E5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_bl460c_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10233E2A-DC4F-46C1-9B9E-2277ABD61EE2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_bl460c_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFEC03C5-6E25-47A3-9793-D411056F5D08\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl120_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD93C572-82C9-47FD-BAC8-B7E6BE873C3C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl120_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43D747DD-AF47-4B5A-B9CC-20BEC97E7788\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl160_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2184DC92-0990-48E3-8E10-3D051CB0F3E0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl160_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B0DEA2A-F511-4111-8B33-B029E75D56BF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl180_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5266B27-BFC8-4C30-85AC-7FD699B1CC64\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl180_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5077B450-1E11-4338-8F76-E4257FBE9260\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl360_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D5046B6-B06B-400E-9896-C763513594F4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl360_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45369573-58FC-40E2-8124-08CDEAB6B6C0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl380_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C93790EF-A41D-4B9D-ADFC-7B45692F6904\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl380_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F5D074B-079C-4227-A2A5-654BB35E7DC3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl560_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFBFD5CB-FBE0-4E20-875F-A37514EF962B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl560_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D894E6C9-D248-4800-A138-CD0FE8F6B5B9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_dl580_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99D7A1BB-7D89-4AF6-89E6-D23CEA04D4B8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_dl580_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FEBB303-F21A-47FF-9D79-5CBC90144782\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_ml110_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDFAD1DD-F83F-4A83-A009-0C8ED3CB550C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_ml110_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA54BDB5-28DF-46D6-8D7D-F2F4F3B21381\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_ml350_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DC576AA-38DB-4D3A-B6E4-FB8EF460DFA2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_ml350_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FF6A55B-05B4-4286-BF06-45D2A21EF58F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:synergy_480_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE0AD61A-E83A-4B7C-AA75-D6AA8055DC00\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:synergy_480_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56E065B7-BC38-4CFE-A640-1236A8FFF8F4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:synergy_660_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A86647F-758D-4E44-A1C2-D29E0F6B6E79\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:synergy_660_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80C5572E-CA26-4B2D-B3AA-BEA466ACD7F9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_e910_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39166E75-89B6-4406-81F2-3B8FAC53F9E4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_e910:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"236284B7-DC2E-40F8-A265-EE91469ADD9C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl170r_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EEBA228-639C-4FA2-B57C-069276C66663\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl170r_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6662F50-79E8-4675-ABAB-E95C7B8A2BBB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl190r_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"953327FE-57FB-4FF6-972F-83B02DF855F1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl190r_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D33F488-C5DB-40A7-BCAB-4DA1A6FC0096\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl230k_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"951FFEA5-1A35-4E9F-B7A6-1B18ADEFB0C4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85739B50-AA18-4097-8EAA-3A750EE38AE6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:proliant_xl450_gen10_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19571A56-2E69-4563-841A-991323961B48\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:hp:proliant_xl450_gen10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C2B30A8-303D-4A47-8D9A-7088F82D2BA3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una vulnerabilidad de elevaci\\u00f3n local de privilegios usando la seguridad de acceso f\\u00edsico en HPE Proliant Gen10 Servers que utiliza Intel Innovation Engine (IE).\u0026#xa0;Este ataque requiere un ataque f\\u00edsico a la tarjeta madre del servidor.\u0026#xa0;Para mitigar este problema, aseg\\u00farese de que su servidor est\\u00e9 siempre protegido f\\u00edsicamente.\u0026#xa0;HPE no abordar\\u00e1 este problema en los servidores Gen 10 listados que est\\u00e1n afectados .\u0026#xa0;HPE recomienda el uso de m\\u00e9todos de seguridad f\\u00edsica apropiados como el control de compensaci\\u00f3n para no permitir que un atacante tenga acceso f\\u00edsico a la tarjeta del circuito principal del servidor\"}]",
      "id": "CVE-2020-7207",
      "lastModified": "2024-11-21T05:36:49.840",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-11-05T21:15:13.063",
      "references": "[{\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-alert@hpe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-7207\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2020-11-05T21:15:13.063\",\"lastModified\":\"2024-11-21T05:36:49.840\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad de elevaci\u00f3n local de privilegios usando la seguridad de acceso f\u00edsico en HPE Proliant Gen10 Servers que utiliza Intel Innovation Engine (IE).\u0026#xa0;Este ataque requiere un ataque f\u00edsico a la tarjeta madre del servidor.\u0026#xa0;Para mitigar este problema, aseg\u00farese de que su servidor est\u00e9 siempre protegido f\u00edsicamente.\u0026#xa0;HPE no abordar\u00e1 este problema en los servidores Gen 10 listados que est\u00e1n afectados .\u0026#xa0;HPE recomienda el uso de m\u00e9todos de seguridad f\u00edsica apropiados como el control de compensaci\u00f3n para no permitir que un atacante tenga acceso f\u00edsico a la tarjeta del circuito principal del servidor\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:apollo_2000_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79CFC7D-7D39-4FBA-8313-14A096A776EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:apollo_2000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9FF05F7-F7FC-4817-805B-A69B22BBEDFC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:apollo_4200_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2D71E9-69F0-4189-9EAF-3E8355874D21\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:apollo_4200_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF5A726F-CDA8-4804-AE63-B5C156574614\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:apollo_4500_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2177A2E1-006E-4A4F-AA8D-EB28541F4A56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:apollo_4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B6BCFC-3AF2-4282-93F8-F64CE98FDC4B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl230k_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951FFEA5-1A35-4E9F-B7A6-1B18ADEFB0C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85739B50-AA18-4097-8EAA-3A750EE38AE6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl270d_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E0DEAA8-BD1A-4A1C-B9EE-DDE64DFED8F7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl270d_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F114945A-DDC6-4CCB-B368-B60F5780F0E5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_bl460c_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10233E2A-DC4F-46C1-9B9E-2277ABD61EE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_bl460c_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEC03C5-6E25-47A3-9793-D411056F5D08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl120_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD93C572-82C9-47FD-BAC8-B7E6BE873C3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl120_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43D747DD-AF47-4B5A-B9CC-20BEC97E7788\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl160_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2184DC92-0990-48E3-8E10-3D051CB0F3E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl160_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B0DEA2A-F511-4111-8B33-B029E75D56BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl180_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5266B27-BFC8-4C30-85AC-7FD699B1CC64\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl180_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5077B450-1E11-4338-8F76-E4257FBE9260\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl360_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D5046B6-B06B-400E-9896-C763513594F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl360_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45369573-58FC-40E2-8124-08CDEAB6B6C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl380_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93790EF-A41D-4B9D-ADFC-7B45692F6904\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl380_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5D074B-079C-4227-A2A5-654BB35E7DC3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl560_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFBFD5CB-FBE0-4E20-875F-A37514EF962B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl560_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D894E6C9-D248-4800-A138-CD0FE8F6B5B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_dl580_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99D7A1BB-7D89-4AF6-89E6-D23CEA04D4B8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_dl580_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FEBB303-F21A-47FF-9D79-5CBC90144782\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_ml110_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDFAD1DD-F83F-4A83-A009-0C8ED3CB550C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_ml110_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA54BDB5-28DF-46D6-8D7D-F2F4F3B21381\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_ml350_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DC576AA-38DB-4D3A-B6E4-FB8EF460DFA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_ml350_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FF6A55B-05B4-4286-BF06-45D2A21EF58F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:synergy_480_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE0AD61A-E83A-4B7C-AA75-D6AA8055DC00\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:synergy_480_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56E065B7-BC38-4CFE-A640-1236A8FFF8F4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:synergy_660_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A86647F-758D-4E44-A1C2-D29E0F6B6E79\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:synergy_660_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C5572E-CA26-4B2D-B3AA-BEA466ACD7F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_e910_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39166E75-89B6-4406-81F2-3B8FAC53F9E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_e910:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"236284B7-DC2E-40F8-A265-EE91469ADD9C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl170r_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EEBA228-639C-4FA2-B57C-069276C66663\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl170r_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6662F50-79E8-4675-ABAB-E95C7B8A2BBB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl190r_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"953327FE-57FB-4FF6-972F-83B02DF855F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl190r_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D33F488-C5DB-40A7-BCAB-4DA1A6FC0096\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl230k_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951FFEA5-1A35-4E9F-B7A6-1B18ADEFB0C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85739B50-AA18-4097-8EAA-3A750EE38AE6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:proliant_xl450_gen10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19571A56-2E69-4563-841A-991323961B48\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:proliant_xl450_gen10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2B30A8-303D-4A47-8D9A-7088F82D2BA3\"}]}]}],\"references\":[{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04002en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.