CVE-2021-25139

Name of the Vulnerable Software and Affected Versions: HPE Moonshot Provisioning Manager version 1.20

Description: A potential security issue has been identified that could be remotely exploited by an unauthenticated user to cause a stack-based buffer overflow using user-supplied input to the khuploadfile.cgi CGI ELF. This could lead to Remote Code Execution, Denial of Service, and/or compromise system integrity.

Recommendations: For HPE Moonshot Provisioning Manager version 1.20, discontinue the use of the application as it is discontinued, no longer supported, and no patch is available.