admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/7xxx/CVE-2018-7112.json

82 lines
12 KiB
JSON
Raw Normal View History

- Synchronized data.
2018-02-15 11:02:26 -05:00
{
"-Synchronized-Data."
2019-03-17 22:26:40 +00:00
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows firmware installer for Gen9, Gen8, G7,and G6 HPE servers",
"version": {
"version_data": [
{
"version_value": "Only the Windows based firmware installers for the following products. HPE Integrated Lights-Out 2 (iLO 2) Firmware for ProLiant G6 Servers - Prior to v2.33, HPE Integrated Lights-Out 3 (iLO 3) Firmware for ProLiant G7 Servers - Prior to v1.90, HPE Integrated Lights-Out 4 (iLO 4) Firmware for ProLiant Gen8 Server firmwares - Prior to v2.60, HPE ProLiant XL750f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL740f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL730f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL450 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Special Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL260a Gen9 Server firmware - Prior to 1.60_01-22-2018(26 Feb 2018), HPE ProLiant XL250a Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL230a Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL190r Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL170r Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL560 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL380 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL360 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL180 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL160 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL120 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018). HPE ProLiant DL80 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL60 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL20 Gen9 Server firmware - Prior to 2.56_01-22-2018(27 Feb 2018), HPE ProLiant ML350 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML150 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML110 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML30 Gen9 Server firmware - Prior to 2.56_01-22-2018(27 Feb 2018), HPE ProLiant ML10 Gen9 Server firmware - Prior to 2018.01.22(22 Mar 2018), HPE ProLiant BL660c Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant BL460c Gen9 Server firmware Blade - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant WS460c Gen9 Workstation - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL380e Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL360p Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL360e Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL320e Gen8 Server firmware - Prior to 2018.01.22(5 Mar 2018), HPE ProLiant DL320e Gen8 v2 Server firmware - Prior to 2018.01.22(23 Feb 2018), HPE ProLiant DL160 Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL250s Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL210t Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL660c Gen8 Server firmware Blade - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL465c Gen8 (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant BL460c Gen8 Server firmware Blade - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL420c Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL4540 Gen8 1 Node Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL270s Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL580 Gen8 Server firmware - Prior to 2.00_02-22-2018(2 Mar 2018), HPE ProLiant DL560 Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL380p Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL385p Gen8 (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
- Added submission from HPE from 2018-11-30.
2018-12-03 09:06:58 -05:00
{
"-Synchronized-Data."
2019-03-17 22:26:40 +00:00
"lang": "eng",
"value": "The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action."
- Added submission from HPE from 2018-11-30.
2018-12-03 09:06:58 -05:00
}
"-Synchronized-Data."
2019-03-17 22:26:40 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local disclosure of privileged information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041984",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041984"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03805en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03805en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03869en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03869en_us"
}
]
}
}
Reference in New Issue Copy Permalink