CVE-2021-29213
Last modified
CVE-2021-29213 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.. EPSS estimates a 0.29% chance of exploitation in the next 30 days.
Description
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hpe | Proliant Microserver Gen10 Plus Firmware | < 2.52 |
| Hpe | Proliant Ml30 Gen10 Server Firmware | < 2.52 |
| Hpe | Proliant Dl20 Gen10 Server Firmware | < 2.52 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-29213?
How severe is CVE-2021-29213?
How do I fix CVE-2021-29213?
Are you affected by CVE-2021-29213?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST