CVE-2021-29218
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows.
Se ha identificado una vulnerabilidad de seguridad en la ruta de búsqueda local no citada en HPE Agentless Management Service para Windows versiones: Anteriores a 1.44.0.0, 10.96.0.0. Esta vulnerabilidad podría ser explotada localmente por un usuario con altos privilegios para ejecutar malware que puede conllevar a una pérdida de confidencialidad, integridad y disponibilidad. HPE ha proporcionado actualizaciones de software para resolver la vulnerabilidad en HPE Agentless Management Service para Windows
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-03-25 CVE Reserved
- 2022-02-04 CVE Published
- 2023-08-28 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-428: Unquoted Search Path or Element
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hpe Search vendor "Hpe" | Agentless Management Search vendor "Hpe" for product "Agentless Management" | < 1.44.0.0 Search vendor "Hpe" for product "Agentless Management" and version " < 1.44.0.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | x64 |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Apollo 20 Search vendor "Hpe" for product "Apollo 20" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Apollo 2000 Gen 10 Plus Search vendor "Hpe" for product "Apollo 2000 Gen 10 Plus" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Apollo 6500 Search vendor "Hpe" for product "Apollo 6500" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Apollo 6500 Gen10 Plus Search vendor "Hpe" for product "Apollo 6500 Gen10 Plus" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Apollo 80 Search vendor "Hpe" for product "Apollo 80" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Proliant Dl Search vendor "Hpe" for product "Proliant Dl" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Proliant Ml Search vendor "Hpe" for product "Proliant Ml" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Synergy 480 Gen9 Search vendor "Hpe" for product "Synergy 480 Gen9" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Synergy 620 Gen9 Search vendor "Hpe" for product "Synergy 620 Gen9" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Synergy 660 Gen9 Search vendor "Hpe" for product "Synergy 660 Gen9" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | Proliant Agentless Management Search vendor "Hpe" for product "Proliant Agentless Management" | < 10.96.0.0 Search vendor "Hpe" for product "Proliant Agentless Management" and version " < 10.96.0.0" | - |
Affected
| in | Hpe Search vendor "Hpe" | Synergy 680 Gen9 Search vendor "Hpe" for product "Synergy 680 Gen9" | - | - |
Safe
|