// For flags

CVE-2021-29213

 

Severity Score

6.7
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.

Se ha identificado una posible vulnerabilidad de evasión local de las restricciones de seguridad en HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs versiones anteriores a 2.52. La vulnerabilidad podría ser explotada localmente para causar una divulgación de información confidencial, la denegación de servicio (DoS), y/o comprometer la integridad del sistema

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-03-25 CVE Reserved
  • 2021-11-01 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hpe
Search vendor "Hpe"
Proliant Microserver Gen10 Plus Firmware
Search vendor "Hpe" for product "Proliant Microserver Gen10 Plus Firmware"
< 2.52
Search vendor "Hpe" for product "Proliant Microserver Gen10 Plus Firmware" and version " < 2.52"
-
Affected
in Hpe
Search vendor "Hpe"
Proliant Microserver Gen10 Plus
Search vendor "Hpe" for product "Proliant Microserver Gen10 Plus"
--
Safe
Hpe
Search vendor "Hpe"
Proliant Ml30 Gen10 Server Firmware
Search vendor "Hpe" for product "Proliant Ml30 Gen10 Server Firmware"
< 2.52
Search vendor "Hpe" for product "Proliant Ml30 Gen10 Server Firmware" and version " < 2.52"
-
Affected
in Hpe
Search vendor "Hpe"
Proliant Ml30 Gen10 Server
Search vendor "Hpe" for product "Proliant Ml30 Gen10 Server"
--
Safe
Hpe
Search vendor "Hpe"
Proliant Dl20 Gen10 Server Firmware
Search vendor "Hpe" for product "Proliant Dl20 Gen10 Server Firmware"
< 2.52
Search vendor "Hpe" for product "Proliant Dl20 Gen10 Server Firmware" and version " < 2.52"
-
Affected
in Hpe
Search vendor "Hpe"
Proliant Dl20 Gen10 Server
Search vendor "Hpe" for product "Proliant Dl20 Gen10 Server"
--
Safe