PT-2021-16410 · Hewlett Packard · Hpe Cloudline Cl3100 Gen10 Server+4
Published: 2021-01-29 · Updated: 2021-01-30 · CVE-2021-25134
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
HPE Cloudline CL5800 Gen9 Server
HPE Cloudline CL5200 Gen9 Server
HPE Cloudline CL4100 Gen10 Server
HPE Cloudline CL3100 Gen10 Server
HPE Cloudline CL5800 Gen10 Server
Description:
The Baseboard Management Controller (BMC) in the affected HPE Cloudline servers has a local buffer overflow in the setremoteimageinfo_func function of spx_restservice. This issue may be exploited locally.
Recommendations:
For HPE Cloudline CL5800 Gen9 Server, consider disabling the setremoteimageinfo_func function in spx_restservice until a patch is available.
For HPE Cloudline CL5200 Gen9 Server, consider disabling the setremoteimageinfo_func function in spx_restservice until a patch is available.
For HPE Cloudline CL4100 Gen10 Server, consider disabling the setremoteimageinfo_func function in spx_restservice until a patch is available.
For HPE Cloudline CL3100 Gen10 Server, consider disabling the setremoteimageinfo_func function in spx_restservice until a patch is available.
For HPE Cloudline CL5800 Gen10 Server, consider disabling the setremoteimageinfo_func function in spx_restservice until a patch is available.
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Hpe Cloudline Cl3100 Gen10 Server
Hpe Cloudline Cl4100 Gen10 Server
Hpe Cloudline Cl5200 Gen9 Server
Hpe Cloudline Cl5800 Gen10 Server
Hpe Cloudline Cl5800 Gen9 Server