Vulnerability Details CVE-2021-29218
A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 4.6
References
Products affected by CVE-2021-29218
-
cpe:2.3:a:hpe:agentless_management:-
-
cpe:2.3:a:hpe:agentless_management:1.1.0.0
-
cpe:2.3:a:hpe:agentless_management:1.15.0.0
-
cpe:2.3:a:hpe:agentless_management:1.20.0.0
-
cpe:2.3:a:hpe:agentless_management:1.30.0.0
-
cpe:2.3:a:hpe:agentless_management:1.40.0.0
-
cpe:2.3:a:hpe:agentless_management:1.43.0.0
-
cpe:2.3:a:hpe:proliant_agentless_management:-
-
cpe:2.3:h:hpe:apollo_2000_gen_10_plus:-
-
cpe:2.3:h:hpe:apollo_20:-
-
cpe:2.3:h:hpe:apollo_6500:-
-
cpe:2.3:h:hpe:apollo_6500_gen10_plus:-
-
cpe:2.3:h:hpe:apollo_80:-
-
cpe:2.3:h:hpe:proliant_dl:-
-
cpe:2.3:h:hpe:proliant_ml:-
-
cpe:2.3:h:hpe:synergy_480_gen9:-
-
cpe:2.3:h:hpe:synergy_620_gen9:-
-
cpe:2.3:h:hpe:synergy_660_gen9:-
-
cpe:2.3:h:hpe:synergy_680_gen9:-
-
cpe:2.3:o:microsoft:windows:-