10

CVE-2019-11996

EPSS 0.44%
Veröffentlicht 07.11.2019 19:15:14
Zuletzt bearbeitet 21.11.2024 04:22:07
Quelle security-alert@hpe.com
Teams Watchlist Login
Unerledigt Login

Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.2.0, 4.5.5.0, 5.0.8.0 and 5.1.3.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hpe ≫ Nimbleos Version >= 3.1.0.0 <= 3.9.1.0

   Hpe ≫ Nimble Storage Af20 All Flash Array Version-
   Hpe ≫ Nimble Storage Af20q All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af40 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af60 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af80 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Cs3000 Version-
   Hpe ≫ Nimble Storage Cs5000 Version-
   Hpe ≫ Nimble Storage Cs7000 Version-
   Hpe ≫ Nimble Storage Secondary Flash Arrays Version-

Hpe ≫ Nimbleos Version >= 4.1.0.0 <= 4.5.4.0

   Hpe ≫ Nimble Storage Af20 All Flash Array Version-
   Hpe ≫ Nimble Storage Af20q All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af40 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af60 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af80 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Cs3000 Version-
   Hpe ≫ Nimble Storage Cs5000 Version-
   Hpe ≫ Nimble Storage Cs7000 Version-
   Hpe ≫ Nimble Storage Secondary Flash Arrays Version-

Hpe ≫ Nimbleos Version >= 5.0.1.0 <= 5.0.7.0

   Hpe ≫ Nimble Storage Af20 All Flash Array Version-
   Hpe ≫ Nimble Storage Af20q All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af40 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af60 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af80 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Cs3000 Version-
   Hpe ≫ Nimble Storage Cs5000 Version-
   Hpe ≫ Nimble Storage Cs7000 Version-
   Hpe ≫ Nimble Storage Secondary Flash Arrays Version-

Hpe ≫ Nimbleos Version >= 5.1.0.0 <= 5.1.2.0

   Hpe ≫ Nimble Storage Af20 All Flash Array Version-
   Hpe ≫ Nimble Storage Af20q All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af40 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af60 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Af80 All Flash Dual Controller Version-
   Hpe ≫ Nimble Storage Cs3000 Version-
   Hpe ≫ Nimble Storage Cs5000 Version-
   Hpe ≫ Nimble Storage Cs7000 Version-
   Hpe ≫ Nimble Storage Secondary Flash Arrays Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.604

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03964en_us

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-11996

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-11996

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-11996

EUVD