CVE-2021-26588

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the confidentiality, integrity, availability of the array. HPE has made the following software updates and mitigation information to resolve the vulnerability in 3PAR, Primera and Alletra 9000 firmware.

Se ha identificado una posible vulnerabilidad de seguridad en el firmware de HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array. Un usuario no autenticado podría explotar remotamente el problema de baja complejidad para ejecutar código como administrador. Esta vulnerabilidad afecta completamente la confidencialidad, integridad y disponibilidad de la matriz. HPE ha realizado las siguientes actualizaciones de software e información de mitigación para resolver la vulnerabilidad en el firmware de 3PAR, Primera y Alletra 9000

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-02-02 CVE Reserved
2021-10-11 CVE Published
2024-08-03 CVE Updated
2024-09-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04191en_us	2021-10-18

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10400 Search vendor "Hpe" for product "3par Storeserv 10400"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10800 Search vendor "Hpe" for product "3par Storeserv 10800"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 20000 Search vendor "Hpe" for product "3par Storeserv 20000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7200c Search vendor "Hpe" for product "3par Storeserv 7200c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7400c Search vendor "Hpe" for product "3par Storeserv 7400c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7440c Search vendor "Hpe" for product "3par Storeserv 7440c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 8000 Search vendor "Hpe" for product "3par Storeserv 8000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mp5_p156 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mp5_p156"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 9000 Search vendor "Hpe" for product "3par Storeserv 9000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10400 Search vendor "Hpe" for product "3par Storeserv 10400"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10800 Search vendor "Hpe" for product "3par Storeserv 10800"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 20000 Search vendor "Hpe" for product "3par Storeserv 20000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7200c Search vendor "Hpe" for product "3par Storeserv 7200c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7400c Search vendor "Hpe" for product "3par Storeserv 7400c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7440c Search vendor "Hpe" for product "3par Storeserv 7440c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 8000 Search vendor "Hpe" for product "3par Storeserv 8000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu1 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu1"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 9000 Search vendor "Hpe" for product "3par Storeserv 9000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10400 Search vendor "Hpe" for product "3par Storeserv 10400"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10800 Search vendor "Hpe" for product "3par Storeserv 10800"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 20000 Search vendor "Hpe" for product "3par Storeserv 20000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7200c Search vendor "Hpe" for product "3par Storeserv 7200c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7400c Search vendor "Hpe" for product "3par Storeserv 7400c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7440c Search vendor "Hpe" for product "3par Storeserv 7440c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 8000 Search vendor "Hpe" for product "3par Storeserv 8000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.1_mu2_p157 Search vendor "Hpe" for product "3par Os" and version "3.3.1_mu2_p157"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 9000 Search vendor "Hpe" for product "3par Storeserv 9000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10400 Search vendor "Hpe" for product "3par Storeserv 10400"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 10800 Search vendor "Hpe" for product "3par Storeserv 10800"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 20000 Search vendor "Hpe" for product "3par Storeserv 20000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7200c Search vendor "Hpe" for product "3par Storeserv 7200c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7400c Search vendor "Hpe" for product "3par Storeserv 7400c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 7440c Search vendor "Hpe" for product "3par Storeserv 7440c"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 8000 Search vendor "Hpe" for product "3par Storeserv 8000"	-	-	Safe
Hpe Search vendor "Hpe"	3par Os Search vendor "Hpe" for product "3par Os"	3.3.2_ga_p_01 Search vendor "Hpe" for product "3par Os" and version "3.3.2_ga_p_01"	-	Affected	in	Hpe Search vendor "Hpe"	3par Storeserv 9000 Search vendor "Hpe" for product "3par Storeserv 9000"	-	-	Safe
Hpe Search vendor "Hpe"	Primera 630 Firmware Search vendor "Hpe" for product "Primera 630 Firmware"	>= 4.0.0 <= 4.3.3 Search vendor "Hpe" for product "Primera 630 Firmware" and version " >= 4.0.0 <= 4.3.3"	-	Affected	in	Hpe Search vendor "Hpe"	Primera 630 Search vendor "Hpe" for product "Primera 630"	-	-	Safe
Hpe Search vendor "Hpe"	Primera 650 Firmware Search vendor "Hpe" for product "Primera 650 Firmware"	>= 4.0.0 <= 4.3.3 Search vendor "Hpe" for product "Primera 650 Firmware" and version " >= 4.0.0 <= 4.3.3"	-	Affected	in	Hpe Search vendor "Hpe"	Primera 650 Search vendor "Hpe" for product "Primera 650"	-	-	Safe
Hpe Search vendor "Hpe"	Primera 670 Firmware Search vendor "Hpe" for product "Primera 670 Firmware"	>= 4.0.0 <= 4.3.3 Search vendor "Hpe" for product "Primera 670 Firmware" and version " >= 4.0.0 <= 4.3.3"	-	Affected	in	Hpe Search vendor "Hpe"	Primera 670 Search vendor "Hpe" for product "Primera 670"	-	-	Safe
Hpe Search vendor "Hpe"	Alletra 9060 Firmware Search vendor "Hpe" for product "Alletra 9060 Firmware"	>= 9.3.0 <= 9.4.0 Search vendor "Hpe" for product "Alletra 9060 Firmware" and version " >= 9.3.0 <= 9.4.0"	-	Affected	in	Hpe Search vendor "Hpe"	Alletra 9060 Search vendor "Hpe" for product "Alletra 9060"	-	-	Safe
Hpe Search vendor "Hpe"	Alletra 9080 Firmware Search vendor "Hpe" for product "Alletra 9080 Firmware"	>= 9.3.0 <= 9.4.0 Search vendor "Hpe" for product "Alletra 9080 Firmware" and version " >= 9.3.0 <= 9.4.0"	-	Affected	in	Hpe Search vendor "Hpe"	Alletra 9080 Search vendor "Hpe" for product "Alletra 9080"	-	-	Safe