PT-2021-18132 · Hewlett Packard · Hpe Proliant Dl20 Gen10+2

Published

2021-11-01

Updated

2021-11-02

CVE-2021-29213

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: HPE ProLiant DL20 Gen10 versions prior to 2.52 HPE ProLiant ML30 Gen10 versions prior to 2.52 HPE ProLiant MicroServer Gen10 Plus versions prior to 2.52

Description: A potential local bypass of security restrictions has been identified in the system ROMs of certain HPE ProLiant servers. This issue could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.

Recommendations: For HPE ProLiant DL20 Gen10 versions prior to 2.52, update to version 2.52 or later to resolve the issue. For HPE ProLiant ML30 Gen10 versions prior to 2.52, update to version 2.52 or later to resolve the issue. For HPE ProLiant MicroServer Gen10 Plus versions prior to 2.52, update to version 2.52 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-29213

Affected Products

Hpe Proliant Dl20 Gen10

Hpe Proliant Ml30 Gen10

Hpe Proliant Microserver Gen10 Plus

PT-2021-18132 · Hewlett Packard · Hpe Proliant Dl20 Gen10+2

CVE-2021-29213

Related Identifiers

Affected Products

References · 4