CVE-2021-29207
Severity
4.8MEDIUM
EPSS
0.2%
top 52.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 25
Latest updateMay 24
Description
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-92x8-g62q-w3jw: A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE↗2022-05-24
CVEList▶
CVE-2021-29207: A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE↗2021-05-25