CVE-2021-29213

EPSS 0.04%
Published 01.11.2021 14:15:07
Last modified 21.11.2024 06:00:50
Source security-alert@hpe.com
Teams watchlist Login
Open Login

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Hpe ≫ Proliant Microserver Gen10 Plus Firmware Version < 2.52

Hpe ≫ Proliant Microserver Gen10 Plus Version-

Hpe ≫ Proliant Ml30 Gen10 Server Firmware Version < 2.52

Hpe ≫ Proliant Ml30 Gen10 Server Version-

Hpe ≫ Proliant Dl20 Gen10 Server Firmware Version < 2.52

Hpe ≫ Proliant Dl20 Gen10 Server Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.068

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04197en_us

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-29213

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-29213

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-29213

EUVD