CVE-2021-25129

🗓️ 29 Jan 2021 18:11:47Reported by hpeType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 57 Views

BMC in HPE Cloudline CL5800 Gen9 Server, CL5200 Gen9 Server, CL4100 Gen10 Server, CL3100 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2021-25129	29 Jan 202123:25	–	circl
CNNVD	Path Traversal Vulnerability in Multiple HPE Products	29 Jan 202100:00	–	cnnvd
Cvelist	CVE-2021-25129	29 Jan 202118:11	–	cvelist
EUVD	EUVD-2021-12040	7 Oct 202500:30	–	euvd
NVD	CVE-2021-25129	29 Jan 202119:15	–	nvd
Prion	Path traversal	29 Jan 202119:15	–	prion
RedhatCVE	CVE-2021-25129	22 May 202518:25	–	redhatcve

NVD

Node

hpe cloudline_cl3100_gen10_server_firmwareMatch1.08.0.0

hpe cloudline_cl3100_gen10_server_firmwareMatch1.10.0.0

AND

hpe cloudline_cl3100_gen10_serverMatch-

Node

hpe cloudline_cl4100_gen10_server_firmwareMatch1.08.0.0

hpe cloudline_cl4100_gen10_server_firmwareMatch1.10.0.0

AND

hpe cloudline_cl4100_gen10_serverMatch-

Node

hpe cloudline_cl5200_gen9_server_firmwareMatch1.07.0.0

AND

hpe cloudline_cl5200_gen9_serverMatch-

Node

hpe cloudline_cl5800_gen10_server_firmwareMatch1.08.0.0

AND

hpe cloudline_cl5800_gen10_serverMatch-

Node

hpe cloudline_cl5800_gen9_server_firmwareMatch1.09.0.0

AND

hpe cloudline_cl5800_gen9_serverMatch-

[
  {
    "product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Version. 1.09.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.07.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.10.0.0"
      },
      {
        "status": "affected",
        "version": "Version  1.10.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.08.0.0"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpsc/doc/public/display

21 Nov 2024 05:54Current

7.5High risk

Vulners AI Score7.5

CVSS 27.2

CVSS 3.17.8

EPSS0.00119

CWE-22