The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-02-08 12:15
Updated : 2021-02-10 07:30
NVD link : CVE-2021-26574
Mitre link : CVE-2021-26574
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
hpe
- apollo_70_system
- baseboard_management_controller