4 matches found
CVE-2021-29220
CVE-2021-29220 affects HPE iLO Amplifier Pack prior to version 2.12. The issue is described as multiple buffer overflow vulnerabilities that could allow a highly privileged remote attacker to execute code, leading to loss of confidentiality, integrity, and availability. Remediation provided by HP...
CVE-2020-7203
CVE-2020-7203 affects HPE iLO Amplifier Pack server 1.70. The connected documents confirm a remote code execution risk in this product, with CVSSv3.1 base score 9.8 (CRITICAL) and CVSSv2 7.5 (HIGH). No exploit details or mitigation steps are provided in the documents. The vulnerability is documen...
CVE-2021-29212
CVE-2021-29212 affects HPE iLO Amplifier Pack on versions 1.80/1.81/1.90/1.95. It describes a remote unauthenticated directory traversal that enables arbitrary code execution with root context via the backup endpoint due to improper path validation. ZDI notes no auth required; a fix is available ...
CVE-2021-26583
The CVE-2021-26583 entry concerns HPE iLO Amplifier Pack and is corroborated by multiple connected sources indicating a remote code execution vulnerability in versions prior to 1.90. The vulnerability allows a remote attacker to execute arbitrary code on affected systems; no exploitation details ...