PT-2022-19108 · Hewlett Packard · Hpe Cray Legacy Shasta System Solutions+2
Published
2022-06-24
·
Updated
2023-08-08
·
CVE-2022-28620
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HPE Cray Legacy Shasta System Solutions versions prior to node controller firmware associated with HPE Cray EX liquid cooled blades
HPE Slingshot versions prior to 1.7.2
HPE Cray EX supercomputers versions prior to 1.6.27/1.5.33/1.4.27
Description
A remote authentication bypass issue was discovered. HPE has provided a software update to resolve this issue in HPE Cray Legacy Shasta System Solutions, HPE Slingshot, and HPE Cray EX Supercomputers.
Recommendations
For HPE Cray Legacy Shasta System Solutions, update to a version that includes the node controller firmware associated with HPE Cray EX liquid cooled blades.
For HPE Slingshot, update to version 1.7.2 or later.
For HPE Cray EX supercomputers, update to version 1.6.27/1.5.33/1.4.27 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hpe Cray Ex Supercomputers
Hpe Cray Legacy Shasta System Solutions
Hpe Slingshot