Vulnerability Details CVE-2021-26581
A potential security vulnerability has been identified in HPE Superdome Flex server. A denial of service attack can be remotely exploited leaving hung connections to the BMC web interface. The monarch BMC must be rebooted to recover from this situation. Other BMC management is not impacted. HPE has made the following software update to resolve the vulnerability in HPE Superdome Flex Server: Superdome Flex Server Firmware 3.30.142 or later.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2021-26581
-
cpe:2.3:h:hpe:superdome_flex_server:-
-
cpe:2.3:o:hpe:superdome_flex_server_firmware:3.20.186
-
cpe:2.3:o:hpe:superdome_flex_server_firmware:3.20.206
-
cpe:2.3:o:hpe:superdome_flex_server_firmware:3.25.46