1147 matches found
HPESBHF03934 rev.1 - HPE CloudLIne servers using AMI BMC Remote Unauthorized Disclosure of Information, Unauthorized Modification and Denial of Service
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Information, Unauthorized Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cloudline CL2100 Gen10 Server - Prior to Baseboard Management Controller BMC 1.16.0.030 Apr 2019 - No BIOS update is...
HPESBHF03966 rev.1 - HPE Servers with certain Intel Core and Xeon Processors System Memory Management (SMM), Local Disclosure of Privileged Information
Potential Security Impact: Local: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m710x Server Blade - Prior to v1.8011-14-2019 HPE ProLiant m710x-L Server Blade - Prior to v1.8011-14-2019 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBMU03997 rev.1 - HPE Smart Update Manager (SUM), Remote Unauthorized Access
Potential Security Impact: Remote: Denial of Service DoS, Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Smart Update Manager SUM -Prior to v8.5.6 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2017-2921 |...
HPESBHF03970 rev.2 - HPE Products with Intel Ethernet 700 Series Processors, Local Escalation of Privilege, Local Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Ethernet 10Gb 2-port 562FLR-SFP+ Adapter - Prior to SPP 2019.12.0 - See Resolution for OS-specific HPE Intel Online Firmware Utility versions for...
HPESBHF03945 rev.1 - HPE Servers using Supplemental Update / Online ROM Flash Component for Linux, Local Execution of Arbitrary Code.
Potential Security Impact: Local: Execution of Arbitrary Code With Privilege Elevation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Service Pack for ProLiant 2018.06.0, 2018.09.0, 2018.11.0 - Only applies to Linux firmware installer HPE SATA Read Intensive Solid State Drive...
HPESBHF03947 rev.1 - HPE UIoT, Remote Unauthorized Access and Access to Sensitive Data
Potential Security Impact: Remote: Unauthorized Access to Sensitive Information, Unauthorized Data Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE IOT + GCP 1.4.0, 1.4.1, 1.4.2, 1.2.4.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7133 ...
HPESBHF03988 rev.1 - HPE Onboard Administrator, Remote Reflected Cross Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Onboard Administrator v4.85 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7132 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L | 6.5 |...
HPESBNS03996 rev.2 - HPE NonStop Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Information, local memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Integrated Maintenance Entity T1805 - T1805A01 through T1805A01^AAH Maintenance Entity T2805 - T2805A01 through T2805A01^AAU...
HPESBHF03993 rev.1 - HPE Superdome X servers with iLO4, Remote Multiple Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Multiple Vulnerabilities, memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.2 HPE Integrity Superdome X Server prior to 8.8.2 HPE Integrity Superdome X with BL920s...
HPESBHF03994 rev.1 - HPE Superdome Flex with iLO4, Remote or Local Code Execution
Potential Security Impact: Local: Code Execution; Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.16 HPE Integrity Superdome X Server prior to 8.8.16 HPE Integrity Superdome X with BL920s Blades prior to 8.8.16 HPE...
HPESBHF03986 rev.1 - HPE Superdome X servers with iLO4, Remote Code Execution and Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass, Code Execution, Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Integrity Superdome X Server prior to 8.8.14 HPE Integrity Superdome X with BL920s Blades prior to 8.8.14 HPE Integrity Superdome...
HPESBST03940 rev.1 - HPE MSA 1040, HPE MSA 2040, HPE MSA 2042, HPE MSA 1050, HPE MSA 2050, and HPE MSA 2052 Multiple Remote Access Restriction Bypass
Potential Security Impact: Remote: Session Reuse SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE MSA 1040 SAN Storage GL225P001 and earlier HPE MSA 2040 SAN Storage GL225P001 and earlier HPE MSA 2042 SAN Storage GL225P001 and earlier HPE MSA 1050 SAN Storage VE270R001-01 and...
HPESBHF03995 rev.1 - HPE Superdome X servers with iLO4, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Arbitrary Code Execution, Code Execution, Denial of Service DoS, Disclosure of Sensitive Information, Elevation of Privilege, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.26 HPE...
HPESBMU03979 rev.1 - HPE MSE Msg Gw application, multiple remote vulnerability
Potential Security Impact: Remote: Access Restriction Bypass, User Validation Failure SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE MSE Msg Gw application E-LTU prior to version 3.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-12000 |...
HPESBHF03987 rev.1 - HPE OneView Global Dashboard (OVGD), Remote Information Disclosure
Potential Security Impact: Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OneView Global Dashboard 1.9 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7130 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L | 8.3 |...
HPESBST03980 rev.1 - HPE StoreFabric C-series Switches with Cisco Prime Data Center Network Manager (DCNM), Remote Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreFabric Data Center Network Manager Software - Prior to DCNM 11.31 HPE StoreFabric SN8500C Director Switch - Prior to DCNM 11.31 HPE StoreFabric SN8000C Director Switch...
HPESBST03983 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.7.1-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.7.1-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBGN03984 rev.1 - HPE OpenCall Media Platform (OCMP), Multiple Vulnerabilities
Potential Security Impact: Remote: Arbitrary File Download, Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OC Media Platform OCMP OCMP 4.4.8 RP 805,OCMP 4.5.x - All prior versions upto OCMP 4.4.8 and OCMP 4.5.2 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBHF03985 rev.4 - Certain HPE Servers with Intel Xeon SP-based processors, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to ROM v2.30 HPE ProLiant BL460c Gen10 Server Blade - Prior to ROM v2.30 HPE ProLiant DL20 Gen9 Server - Prior to ROM v2.86 - Impacted b...
HPESBST03977 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.7.0-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.7.0-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBHF03978 rev.2 - HPE Superdome Flex Server, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Superdome Flex Server Prior to v3.20.186 - Fix available in 3.20.206 4 December 2019 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11998...
HPESBNS03976 rev.1 - HPE NonStop using Sudo
Potential Security Impact: Local: Bypass Security Restrictions SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. OSS Core Utilities T1202 T1202L02, T1202L02^AAN, T1202AAO, T1202L02^AAQ, T1202L02^AAR, T1202L01^AAJ, T1202J01, T1202J01^AAP, T1202H01^AAL CVSS Scores: | CVE | CVSS Vector...
HPESBNS03981 rev.1 - HPE ViewPoint on NonStop, Local Disclosure of Sensitive Information
Potential Security Impact: Local: Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Web ViewPoint Enterprise T0986 - L Series: T0320L01^ABP through T0320L01^ABZ; J and H Series: T0986H01 through T0986H01^AAE Web ViewPoint Plus T0952 - L Series:...
HPESBGN03975 rev.1 - HPE enhanced Internet Usage Manager (eIUM), Remote Cross Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE enhanced Internet Usage Manager eIUM 8.3, 9.0 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11997 |...
HPESBHF03973 rev.1 - HPE Servers with certain Intel Processors, Local Disclosure of Information, Local Escalation of Privilege
Potential Security Impact: Local: Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL20 Gen10 Server - Prior to U442.1212062019 HPE ProLiant ML30 Gen10 Server - Prior to 1.8212062019 HPE ProLiant m710x Server Blade -...
HPESBHF03974 rev.1 - HPE Servers using certain Intel Processors, Local Denial of Service, Disclosure of Information, Escalation of Privilege
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL20 Gen10 Server - Prior to v2.10 HPE ProLiant ML30 Gen10 Server - Prior to v2.10 HPE ProLiant m710x Server Bla...
HPESBHF03968 rev.4 - HPE Gen10 ProLiant, Apollo, Superdome Flex, and Synergy Servers using Intel CPU Transactional Synchronization Extensions (TSX) Asynchronous Abort (TAA), Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to V2.22 ROM HPE Apollo 2000 System - Prior to V2.22 ROM HPE ProLiant BL460c Gen10 Server Blade - Prior to V2.22 ROM HPE ProLiant DL580...
HPESBHF03971 rev.6 - HPE ProLiant and Superdome Flex Servers using certain Intel Processors, SMM and TXT, Local Escalation of Privilege
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4500 System - Prior to v2.22 HPE Apollo 4200 Gen10 Server - Prior to v2.22 HPE Apollo 2000 System - Prior to v2.22 HPE ProLiant BL460c Gen10 Server Blade - Prior to...
HPESBHF03967 rev.4 - HPE Servers with certain Intel(R) Xeon Scalable Processors, BIOS, Multiple Local Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant BL460c Gen10 Server Blade - Prior to V2.22 Gen10 HPE ProLiant DL580 Gen10 Server - Prior to V2.22 Gen10 HPE...
HPESBHF03963 rev.1 - Certain HPE ProLiant Servers with Intel CSME, AMT, SPS, TXE,
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to SPS FW 4.01.04.339 HPE ProLiant BL460c Gen10 Server Blade - Prior to SPS FW 4.01.04.339 HPE ProLia...
HPESBHF03972 rev.3 - HPE ProLiant, Synergy, Edgeline and Apollo Gen10 Server Platform using TPM, Remote Disclosure of Information
Potential Security Impact: Local: Disclosure of Information; Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy 660 Gen10 Compute Module - Prior to 73.20 HPE ProLiant XL230k Gen10 Server - Prior to 73.20 HPE ProLiant XL190r Gen10 Server -...
HPESBHF03969 rev.5 - HPE ProLiant Gen10 and Superdome Flex Servers using certain Intel Xeon Scalable Processors, Voltage Modulation, Local Denial of Service
Potential Security Impact: Local: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to V2.22 Gen10 ROM HPE ProLiant BL460c Gen10 Server Blade - Prior to V2.22 Gen10 ROM HPE ProLiant DL580 Gen10 Server - Prior to V2.22 Gen10...
HPESBST03964 rev.1 - HPE Nimble Storage, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Disclosure of Information, Elevation of Privilege, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Nimble Storage Hybrid Flash Arrays - 5.1.2.0 and older, 5.0.7.0 and older, 4.5.4.0 and older, 3.9.1.0 and older Nimble...
HPESBUX03962 rev.2 - HP-UX NTP service, multiple vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Buffer Overflow; Remote: Compromise of System Integrity, Denial of Service DoS, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX NTP Software Prior to C.4.2.8.4.0 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBHF03960 rev.1 - HPE Lights Out 100 (LO100) Remote Management for ProLiant G1 - G6 servers, Remote Denial of Service
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Lights-Out 100 LO100 Remote Management all - denial of service CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-12264 |...
HPESBST03959 rev.1 - HPE Command View Advanced Edition (CVAE) Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.6.5-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.6.5-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBST03958 rev.1 - HPE Command View Advanced Edition (CVAE) Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.6.4-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.6.4-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBHF03955 rev.2 - HPE SimpliVity OmniStack, Local and Remote File Modification and Deletion
Potential Security Impact: Local: Creation and Deletion of Arbitrary Files; Remote: Creation and Deletion of Arbitrary Files SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen9 releases from 3.6.2 to 3.7.9 HPE SimpliVity 380 Gen10 releases from 3.7.1 to 3.7.9 H...
HPESBST03956 rev.2 - HPE SimpliVity OmniStack, Local and Remote Arbitrary Command Execution
Potential Security Impact: Local: Arbitrary Command Execution; Remote: Arbitrary Command Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen9 releases from 3.6.2 to 3.7.9 HPE SimpliVity 380 Gen10 releases from 3.7.1 to 3.7.9 HPE SimpliVity 380 Gen10 G...
HPESBHF03954 rev.1 - HPE UioT, Remote Unauthorized Access and Access to sensitive Data
Potential Security Impact: Remote: Unauthorized Access to Sensitive Information, Unauthorized Remote Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE IOT + GCP 1.2.4.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11995 |...
HPESBGN03957 rev.1 - HPE Oneview for VMware vCenter, Remote Cross-Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OneView for VMware vCenter with Operations Manager and Log Insight 9.5 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11992 |...
HPESBUX03950 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities
Potential Security Impact: Local: Unauthorized Disclosure of Information, Unauthorized Modification; Remote: Bypass Security Restrictions, Denial of Service DoS, Unauthorized Disclosure of Information, Unauthorized Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX...
HPESBST03951 rev.1 - HPE Command View Advanced EditionCVAE (Virtual Appliance only), Remote Denial of Service
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE 8.5.2-00 to earlier than 8.6.1-02 HP P9000 Command View Advanced Edition Software 1TB 0-30TB LTU 8.5.2-00 to earlier than 8.6.1-...
HPESBST03953 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP P9000 Command View Advanced Edition Software 8.4.0-00 to earlier than 8.6.2-00 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- |...
HPESBST03952 rev.1 - HPE Command View Advanced Edition (CVAE) Products using JAVA, Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE 8.6.3-00 or later HPE XP7 Command View Advanced Edition Suite 8.6.3-00 or later CVSS Scores: | CVE | CVSS Vector | Base Score | ...
HPESBST03938 rev.1 - Command View Advanced Edition (CVAE) Products, Local and Remote Access Restriction Bypass
Potential Security Impact: Local: Access Restriction Bypass; Remote: Access Restriction Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE earlier than 8.6.2-02 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-5408 |...
HPESBST03942 rev.1 - 3PAR Service Processor 5.0.5, Multiple remote Vulnerabilities
Potential Security Impact: Remote: Authentication Bypass, Bypass Security Restrictions, Cross-Site Scripting XSS, Gain Unauthorized Access, Session Reuse, Arbitrary file upload SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR Service Processor prior to 5.0.5.1 CVSS Scores:...
HPESBST03946 rev.1 - HPE 3PAR StoreServ Management Console (SSMC), Multiple Vulnerabilities
Potential Security Impact: Remote: Authentication Bypass, Cross-Site Scripting XSS, Unauthorized Information Disclosure, Session Reuse, script injection SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR StoreServ Management and Core Software Media prior to 3.5.0.1 CVSS...
HPESBHF03944 rev.1 - HPE HP2910al-48G switches, local Arbitrary Command Execution
Potential Security Impact: Local: Arbitrary Command Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP 2910-48G al Switch W.15.14.0016 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-5401 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L | 6.3...
HPESBUX03927 rev.1 - HP-UX BIND, Remote Denial of Service (DoS) and Remote Unauthorized Data Modification
Potential Security Impact: Remote: Denial of Service DoS, Unauthorized Data Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX BIND BIND 9.11.1 prior to C.9.11.1.4.0 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2018-5740 |...