CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
70.3%
A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the confidentiality, integrity, availability of the array. HPE has made the following software updates and mitigation information to resolve the vulnerability in 3PAR, Primera and Alletra 9000 firmware.
Vendor | Product | Version | CPE |
---|---|---|---|
hpe | 3par_storeserv_10400 | - | cpe:2.3:h:hpe:3par_storeserv_10400:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_10800 | - | cpe:2.3:h:hpe:3par_storeserv_10800:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_20000 | - | cpe:2.3:h:hpe:3par_storeserv_20000:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_7200c | - | cpe:2.3:h:hpe:3par_storeserv_7200c:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_7400c | - | cpe:2.3:h:hpe:3par_storeserv_7400c:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_7440c | - | cpe:2.3:h:hpe:3par_storeserv_7440c:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_8000 | - | cpe:2.3:h:hpe:3par_storeserv_8000:-:*:*:*:*:*:*:* |
hpe | 3par_storeserv_9000 | - | cpe:2.3:h:hpe:3par_storeserv_9000:-:*:*:*:*:*:*:* |
hpe | 3par_os | 3.3.1_mp5_p156 | cpe:2.3:o:hpe:3par_os:3.3.1_mp5_p156:*:*:*:*:*:*:* |
hpe | 3par_os | 3.3.1_mu1 | cpe:2.3:o:hpe:3par_os:3.3.1_mu1:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
70.3%