CVE-2020-7205

A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the "Boot Hole" issue for HPE signed GRUB2 applications.

CVSS v3.0 6.7 MEDIUM
CVSS v2.0 7.2 HIGH

6.7^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04020en_us	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:hpe:proliant_bl460c_gen8_blade_server:-:::::::*
	cpe:2.3:h:hpe:proliant_bl660c_gen8_blade_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl385p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl4540_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:hpe:intelligent_provisioning::::::::
	cpe:2.3:a:hpe:service_pack_for_proliant::::::::
	cpe:2.3:a:hpe:smartstart_scripting_toolkit::::::linux::*

OR	cpe:2.3:h:hpe:apollo_4200_gen9_server:-:::::::*
	cpe:2.3:h:hpe:apollo_4520_chassis:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl3100_gen9_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_bl660c_gen9_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_e910_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_dl388_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml10_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_m710x-l_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_m750_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_m710x_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_m510_server_cartridge:-:::::::*
	cpe:2.3:h:hpe:proliant_se2160w_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:::::::*
	cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl270d_gen9_server:-:::::::*
	cpe:2.3:h:hpe:synergy_d3940_storage_module:-:::::::*
	cpe:2.3:h:hpe:storeeasy_1000_storage_gen9:-:::::::*
	cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:proliant_xl260a_gen9_server:-:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:hpe:intelligent_provisioning::::::::
	cpe:2.3:a:hpe:intelligent_provisioning:3.31:::::::*
	cpe:2.3:a:hpe:intelligent_provisioning:3.40:::::::*
	cpe:2.3:a:hpe:service_pack_for_proliant::::::::
	cpe:2.3:a:hpe:smartstart_scripting_toolkit::::::linux::*

OR	cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:::::::*
	cpe:2.3:h:hpe:apollo_4200_gen10_server:-:::::::*
	cpe:2.3:h:hpe:apollo_4510_gen10_system:-:::::::*
	cpe:2.3:h:hpe:apollo_6500_gen10_system:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl2100_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl2200_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl2600_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl2800_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl3150_gen10_server:-:::::::*
	cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_microserver_gen10:-:::::::*
	cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:::::::*
	cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:::::::*
	cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:::::::*
	cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:::::::*
	cpe:2.3:h:hpe:proliant_xl2x260w_gen10_server:-:::::::*
	cpe:2.3:h:hpe:simplivity_325_gen10:-:::::::*
	cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:::::::*
	cpe:2.3:h:hpe:synergy_480_gen10_plus_compute_module:-:::::::*
	cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:::::::*
	cpe:2.3:h:hpe:simplivity_2600_gen10:-:::::::*
	cpe:2.3:h:hpe:simplivity_380_gen10:-:::::::*
	cpe:2.3:h:hpe:storeeasy_1000_storage_gen10:-:::::::*
	cpe:2.3:h:hpe:proliant_xl270d_gen9_special_server:-:::::::*

Information

Published : 2020-07-30 11:15

Updated : 2021-07-21 04:39

NVD link : CVE-2020-7205

Mitre link : CVE-2020-7205

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

hpe

synergy_620_gen9_compute_module
proliant_xl230a_gen9_server
proliant_xl230k_gen10_server
proliant_xl220n_gen10_plus_server
proliant_xl730f_gen9_server
proliant_dl560_gen8_server
proliant_e910_server_blade
proliant_ml110_gen10_server
proliant_xl260a_gen9_server
proliant_dx380_gen10_server
cloudline_cl2200_gen10_server
proliant_dx360_gen10_server
intelligent_provisioning
synergy_660_gen10_compute_module
cloudline_cl5800_gen9_server
proliant_microserver_gen10_plus
proliant_dx560_gen10_server
proliant_dl380p_gen8_server
proliant_dl380e_gen8_server
proliant_bl660c_gen9_server_blade
proliant_ml350_gen10_server
apollo_6500_gen10_system
cloudline_cl4100_gen10_server
service_pack_for_proliant
proliant_sl270s_gen8_server
proliant_dl20_gen9_server
proliant_dl360e_gen8_server
cloudline_cl3100_gen10_server
apollo_2000_gen10_plus_system
simplivity_2600_gen10
cloudline_cl2600_gen10_server
proliant_dl385_gen10_server
proliant_dl380_gen10_server
proliant_bl460c_gen10_server_blade
proliant_xl270d_gen9_server
apollo_4200_gen9_server
proliant_bl660c_gen8_blade_server
proliant_xl170r_gen9_server
proliant_dx4200_gen10_server
proliant_dl80_gen9_server
proliant_dl120_gen10_server
proliant_dl180_gen9_server
proliant_ml110_gen9_server
proliant_ml350p_gen8_server
simplivity_380_gen10
proliant_m750_server_blade
synergy_d3940_storage_module
synergy_480_gen10_plus_compute_module
proliant_xl190r_gen10_server
cloudline_cl2100_gen10_server
cloudline_cl3100_gen9_server
proliant_sl230s_gen8_server
proliant_xl450_gen9_server
proliant_dl360p_gen8_server
smartstart_scripting_toolkit
proliant_dl388_gen9_server
proliant_xl2x260w_gen10_server
proliant_dl560_gen10_server
proliant_dl580_gen10_server
proliant_xl290n_gen10_plus_server
synergy_660_gen9_compute_module
proliant_xl740f_gen9_server
proliant_microserver_gen10
proliant_xl250a_gen9_server
storeeasy_1000_storage_gen9
proliant_dx190r_gen10_server
cloudline_cl3150_gen10_server
proliant_dl20_gen10_server
proliant_ws460c_gen8_graphics_server_blade
apollo_4520_chassis
proliant_se2160w_gen9_server
apollo_4510_gen10_system
cloudline_cl2800_gen10_server
proliant_xl270d_gen9_special_server
proliant_dl120_gen9_server
proliant_dl360_gen10_server
proliant_dl160_gen10_server
proliant_xl750f_gen9_server
proliant_dl360_gen9_server
proliant_bl460c_gen9_server_blade
proliant_xl270d_gen10_server
proliant_ml10_gen9_server
proliant_ml30_gen10_server
proliant_ml350_gen9_server
proliant_bl460c_gen8_blade_server
cloudline_cl5200_gen9_server
proliant_dl160_gen9_server
proliant_xl170r_gen10_server
proliant_sl4540_gen8_server
proliant_xl190r_gen9_server
synergy_680_gen9_compute_module
synergy_480_gen9_compute_module
apollo_4200_gen10_server
proliant_ml150_gen9_server
proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server
proliant_dl180_gen10_server
proliant_dx385_gen10_plus_server
proliant_dl560_gen9_server
proliant_dl580_gen9_server
proliant_dl580_gen8_server
proliant_dl60_gen9_server
proliant_sl250s_gen8_server
proliant_m510_server_cartridge
proliant_dl385p_gen8_server
proliant_xl450_gen10_server
synergy_480_gen10_compute_module
proliant_dx170r_gen10_server
proliant_ws460c_gen9_graphics_server_blade
proliant_ml310e_gen8_server
proliant_ml350e_gen8_server
proliant_dl325_gen10_server
storeeasy_1000_storage_gen10
proliant_dl380_gen9_server
proliant_dl160_gen8_server
proliant_ml30_gen9_server
proliant_m710x-l_server_blade
simplivity_325_gen10
proliant_m710x_server_blade

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04020en_us", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04020en_us", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the \"Boot Hole\" issue for HPE signed GRUB2 applications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-7205", "ASSIGNER": "security-alert@hpe.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": false, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}}, "publishedDate": "2020-07-30T18:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.72"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:hpe:proliant_bl460c_gen8_blade_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_bl660c_gen8_blade_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl385p_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml350e_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_sl4540_gen8_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.81"}, {"cpe23Uri": "cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2020.03.0"}, {"cpe23Uri": "cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.40"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:apollo_4520_chassis:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl3100_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_bl660c_gen9_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl388_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml10_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_m710x-l_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_m710x_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_m510_server_cartridge:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_se2160w_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl270d_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_d3940_storage_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:storeeasy_1000_storage_gen9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl260a_gen9_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.30.213"}, {"cpe23Uri": "cpe:2.3:a:hpe:intelligent_provisioning:3.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hpe:intelligent_provisioning:3.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2020.03.0"}, {"cpe23Uri": "cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.40"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:apollo_6500_gen10_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl2100_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl2200_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl2600_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl2800_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl3150_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_microserver_gen10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl2x260w_gen10_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:simplivity_325_gen10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:synergy_480_gen10_plus_compute_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:simplivity_2600_gen10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:simplivity_380_gen10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:storeeasy_1000_storage_gen10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:hpe:proliant_xl270d_gen9_special_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-07-21T11:39Z"}

6.7 /10