CVE-2021-25138

🗓️ 29 Jan 2021 18:03:43Reported by hpeType

HPE Cloudline BMC firmware local buffer overflow in spx_restservice uploadsshkey function

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2021-25138	29 Jan 202123:25	–	circl
CNNVD	Buffer Error Vulnerability in Multiple HPE Products	29 Jan 202100:00	–	cnnvd
Cvelist	CVE-2021-25138	29 Jan 202118:03	–	cvelist
EUVD	EUVD-2021-12049	7 Oct 202500:30	–	euvd
NVD	CVE-2021-25138	29 Jan 202119:15	–	nvd
Prion	Buffer overflow	29 Jan 202119:15	–	prion
RedhatCVE	CVE-2021-25138	22 May 202519:25	–	redhatcve

NVD

Node

hpe cloudline_cl3100_gen10_server_firmwareMatch1.08.0.0

hpe cloudline_cl3100_gen10_server_firmwareMatch1.10.0.0

AND

hpe cloudline_cl3100_gen10_serverMatch-

Node

hpe cloudline_cl4100_gen10_server_firmwareMatch1.08.0.0

hpe cloudline_cl4100_gen10_server_firmwareMatch1.10.0.0

AND

hpe cloudline_cl4100_gen10_serverMatch-

Node

hpe cloudline_cl5200_gen9_server_firmwareMatch1.07.0.0

AND

hpe cloudline_cl5200_gen9_serverMatch-

Node

hpe cloudline_cl5800_gen10_server_firmwareMatch1.08.0.0

AND

hpe cloudline_cl5800_gen10_serverMatch-

Node

hpe cloudline_cl5800_gen9_server_firmwareMatch1.09.0.0

AND

hpe cloudline_cl5800_gen9_serverMatch-

[
  {
    "product": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Version. 1.09.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.07.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.10.0.0"
      },
      {
        "status": "affected",
        "version": "Version  1.10.0.0"
      },
      {
        "status": "affected",
        "version": "Version 1.08.0.0"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpsc/doc/public/display

21 Nov 2024 05:54Current

7.6High risk

Vulners AI Score7.6

CVSS 27.2

CVSS 3.17.8

EPSS0.00127

CWE-120