CVE-2021-25135

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
hpeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
hpecloudline_cl3100_gen10_server_firmware
1.08.0.0
hpecloudline_cl3100_gen10_server_firmware
1.10.0.0
hpecloudline_cl4100_gen10_server_firmware
1.08.0.0
hpecloudline_cl4100_gen10_server_firmware
1.10.0.0
hpecloudline_cl5200_gen9_server_firmware
1.07.0.0
hpecloudline_cl5800_gen10_server_firmware
1.08.0.0
hpecloudline_cl5800_gen9_server_firmware
1.09.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us