Vulnerability Description
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitive information, denial of service (DoS), and/or compromise system integrity.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hpe | Proliant Microserver Gen10 Plus Firmware | < 2.52 |
| Hpe | Proliant Microserver Gen10 Plus | - |
| Hpe | Proliant Ml30 Gen10 Server Firmware | < 2.52 |
| Hpe | Proliant Ml30 Gen10 Server | - |
| Hpe | Proliant Dl20 Gen10 Server Firmware | < 2.52 |
| Hpe | Proliant Dl20 Gen10 Server | - |
References
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
FAQ
What is CVE-2021-29213?
CVE-2021-29213 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs pr...
How severe is CVE-2021-29213?
CVE-2021-29213 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-29213?
Check the references section above for vendor advisories and patch information. Affected products include: Hpe Proliant Microserver Gen10 Plus Firmware, Hpe Proliant Microserver Gen10 Plus, Hpe Proliant Ml30 Gen10 Server Firmware, Hpe Proliant Ml30 Gen10 Server, Hpe Proliant Dl20 Gen10 Server Firmware.