CVE-2021-29213 Information

Description

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10 HPE ProLiant ML30 Gen10 and HPE ProLiant MicroServer Gen10 Plus server’s system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information denial of service (DoS) and/or compromise system integrity.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04197en_us

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.7