Vulnerabilities > HPE

DATE CVE VULNERABILITY TITLE RISK
2021-01-29 CVE-2021-25130 Classic Buffer Overflow vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function.
local
low complexity
hpe CWE-120
7.8
7.8
2021-01-29 CVE-2021-25129 Path Traversal vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
local
low complexity
hpe CWE-22
7.8
7.8
2021-01-29 CVE-2021-25128 Path Traversal vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability.
local
low complexity
hpe CWE-22
7.8
7.8
2021-01-29 CVE-2021-25127 Classic Buffer Overflow vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.
local
low complexity
hpe CWE-120
7.8
7.8
2021-01-29 CVE-2021-25126 Classic Buffer Overflow vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.
local
low complexity
hpe CWE-120
7.8
7.8
2021-01-29 CVE-2021-25125 Path Traversal vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability.
local
low complexity
hpe CWE-22
7.8
7.8
2021-01-29 CVE-2021-25124 Path Traversal vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability.
local
low complexity
hpe CWE-22
7.8
7.8
2021-01-29 CVE-2021-25123 Classic Buffer Overflow vulnerability in HPE products
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function.
local
low complexity
hpe CWE-120
7.8
7.8
2020-10-02 CVE-2020-24628 Code Injection vulnerability in HPE KVM IP Console Switch G2 Firmware
A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.
network
low complexity
hpe CWE-94
8.8
8.8
2020-10-02 CVE-2020-24627 Cross-site Scripting vulnerability in HPE KVM IP Console Switch G2 Firmware
A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.
network
low complexity
hpe CWE-79
5.4
5.4