admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-292xx/CVE-2021-29212.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

127 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-29212",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2021-11-01T14:15:07.723",
"lastModified": "2021-12-03T21:09:10.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de seguridad de salto de directorio no autenticado en HPE iLO Amplifier Pack versiones 1.80, 1.81, 1.90 y 1.95. La vulnerabilidad podr\u00eda ser explotada remotamente para permitir que un usuario no autenticado ejecute c\u00f3digo arbitrario, conllevando un impacto completo en la confidencialidad, integridad y disponibilidad del dispositivo iLO Amplifier Pack"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.80:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAD558D-7BE0-4739-94F8-61C291273A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DAACBE6E-9AB8-4AB1-A122-F1A6D294260C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.90:*:*:*:*:*:*:*",
"matchCriteriaId": "827C9C6D-3898-4475-8A48-D96286524162"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.95:*:*:*:*:*:*:*",
"matchCriteriaId": "093DA8C2-3D32-4BFA-BF8A-E8DFADC6D6C1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04189en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1278/",
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink