Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool
#1
Information 
Quote:Hewlett Packard Enterprise (HPE) is urging customers to patch one of its premier edge application management tools that could allow an attacker to carry out a remote authentication bypass attack and infiltrate a customer’s cloud infrastructure.
 
Rated critical, with a CVSS score of 9.8, the bug impacts all versions of HPE’s Edgeline Infrastructure Manager (EIM) prior to version 1.21. EIM is the company’s two-year-old edge computing-management suite. Users are urged to update to HPE EIM v1.22 or later to fix the bug.
 
Researchers at Tenable first identified the vulnerability (CVE-2021-29203) in late January, notifying HPE on February 1 of the critical bug. HPE released fixes for bug on Thursday. More than a dozen versions of software are impacted, running on operating systems ranging from CentOS 7, Red Hat Enterprise Linux, SUSE and multiple versions of Windows, according to HPE.
 
“A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration,” wrote HPE Product Security Response Team in a security bulletin posted Friday.

Read more: Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool - by silversurfer - 03 May 21, 18:58

Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
XYplorer
What's new in Rele...Kool — 11:16
QOwnNotes
25.9.1 There no...Kool — 11:14
AnyViewer 5.3.0 for Windows
Version 5.3.0: ...harlan4096 — 09:59
AnyViewer 3.5.1 for Android
Version 3.5.1 A...harlan4096 — 09:41
AnyViewer 3.3.0 for macOS
Version 3.3.0: ...harlan4096 — 09:36

[-]
Birthdays
Today's Birthdays
avatar (50)diplomasync
avatar (49)Myronjax
Upcoming Birthdays
avatar (38)fapedDow
avatar (48)pohudidere
avatar (48)rarinsWax
avatar (25)DianaBrown
avatar (38)eqiduseb
avatar (45)ThomasLYDAY
avatar (40)upakoExapy
avatar (49)skepwHug
avatar (38)RicardoGoase
avatar (42)Edwardgef
avatar (43)Denpokhew
avatar (35)azidony
avatar (40)maskbSleew

[-]
Online Staff
There are no staff members currently online.

>