Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-26588
HistoryOct 11, 2021 - 5:15 p.m.

CVE-2021-26588

2021-10-1117:15:07
[email protected]
web.nvd.nist.gov
2
hpe
3par
primera
alletra 9000
security vulnerability
remote code execution
unauthenticated user
confidentiality
integrity
availability
firmware update
mitigation.

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.3%

JSON

A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the confidentiality, integrity, availability of the array. HPE has made the following software updates and mitigation information to resolve the vulnerability in 3PAR, Primera and Alletra 9000 firmware.

Affected configurations

Nvd
Node
hpe3par_storeserv_10400Match-
OR
hpe3par_storeserv_10800Match-
OR
hpe3par_storeserv_20000Match-
OR
hpe3par_storeserv_7200cMatch-
OR
hpe3par_storeserv_7400cMatch-
OR
hpe3par_storeserv_7440cMatch-
OR
hpe3par_storeserv_8000Match-
OR
hpe3par_storeserv_9000Match-
AND
hpe3par_osMatch3.3.1_mp5_p156
OR
hpe3par_osMatch3.3.1_mu1
OR
hpe3par_osMatch3.3.1_mu2_p157
OR
hpe3par_osMatch3.3.2_ga_p_01
Node
hpeprimera_630Match-
AND
hpeprimera_630_firmwareRange4.0.04.3.3
Node
hpeprimera_650Match-
AND
hpeprimera_650_firmwareRange4.0.04.3.3
Node
hpeprimera_670Match-
AND
hpeprimera_670_firmwareRange4.0.04.3.3
Node
hpealletra_9060Match-
AND
hpealletra_9060_firmwareRange9.3.09.4.0
Node
hpealletra_9080Match-
AND
hpealletra_9080_firmwareRange9.3.09.4.0
VendorProductVersionCPE
hpe3par_storeserv_10400-cpe:2.3:h:hpe:3par_storeserv_10400:-:*:*:*:*:*:*:*
hpe3par_storeserv_10800-cpe:2.3:h:hpe:3par_storeserv_10800:-:*:*:*:*:*:*:*
hpe3par_storeserv_20000-cpe:2.3:h:hpe:3par_storeserv_20000:-:*:*:*:*:*:*:*
hpe3par_storeserv_7200c-cpe:2.3:h:hpe:3par_storeserv_7200c:-:*:*:*:*:*:*:*
hpe3par_storeserv_7400c-cpe:2.3:h:hpe:3par_storeserv_7400c:-:*:*:*:*:*:*:*
hpe3par_storeserv_7440c-cpe:2.3:h:hpe:3par_storeserv_7440c:-:*:*:*:*:*:*:*
hpe3par_storeserv_8000-cpe:2.3:h:hpe:3par_storeserv_8000:-:*:*:*:*:*:*:*
hpe3par_storeserv_9000-cpe:2.3:h:hpe:3par_storeserv_9000:-:*:*:*:*:*:*:*
hpe3par_os3.3.1_mp5_p156cpe:2.3:o:hpe:3par_os:3.3.1_mp5_p156:*:*:*:*:*:*:*
hpe3par_os3.3.1_mu1cpe:2.3:o:hpe:3par_os:3.3.1_mu1:*:*:*:*:*:*:*
Rows per page:
1-10 of 221

Related

cvelist 1
prion 1
cve 1
cvelist
cvelist
CVE-2021-26588
2021-10-11 16:46:31
prion
prion
Information disclosure
2021-10-11 17:15:00
cve
cve
CVE-2021-26588
2021-10-11 17:15:07

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.3%

JSON
Related for NVD:CVE-2021-26588
cvelist1prion1cve1