3.25.46

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

hpe

NVD

Published: 2021-04-01

Updated: 2021-04-06

Summary

A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarch BMC must be rebooted to recover from this situation. Other BMC management is not impacted. HPE has made the following software update to resolve the vulnerability in HPE Superdome Flex Server: Superdome Flex Server Firmware 3.30.142 or later.

Vulnerable Configurations

Part	Description	Count
OS	Hpe HPE Superdome Flex Server Firmware 3.20.186 HPE Superdome Flex Server Firmware 3.20.206 HPE Superdome Flex Server Firmware 3.25.46	3
Hardware	Hpe HPE Superdome Flex Server -	1

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04102en_us