Lucene search

HpeCVELIST:CVE-2023-28092

HistoryMay 01, 2023 - 2:10 p.m.

CVE-2023-28092

2023-05-0114:10:19

hpe

www.cve.org

hpe proliant rl300 gen11 server

security vulnerability

physical access

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HPE ProLiant RL300 Gen11",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05"
      }
    ]
  }
]

References

support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04472en_us

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

Related for CVELIST:CVE-2023-28092