Vulnerability Details CVE-2021-25129
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2021-25129
-
cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-
-
cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-
-
cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-
-
cpe:2.3:h:hpe:cloudline_cl5800_gen10_server:-
-
cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-
-
cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.08.0.0
-
cpe:2.3:o:hpe:cloudline_cl3100_gen10_server_firmware:1.10.0.0
-
cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.08.0.0
-
cpe:2.3:o:hpe:cloudline_cl4100_gen10_server_firmware:1.10.0.0
-
cpe:2.3:o:hpe:cloudline_cl5200_gen9_server_firmware:1.07.0.0
-
cpe:2.3:o:hpe:cloudline_cl5800_gen10_server_firmware:1.08.0.0
-
cpe:2.3:o:hpe:cloudline_cl5800_gen9_server_firmware:1.09.0.0