A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows.
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04233en_us | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
09 Feb 2022, 16:51
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04233en_us - Vendor Advisory | |
First Time |
Microsoft windows
Microsoft Hpe synergy 480 Gen9 Hpe synergy 680 Gen9 Hpe agentless Management Hpe apollo 6500 Gen10 Plus Hpe proliant Ml Hpe Hpe apollo 20 Hpe apollo 80 Hpe apollo 6500 Hpe proliant Agentless Management Hpe synergy 620 Gen9 Hpe proliant Dl Hpe synergy 660 Gen9 Hpe apollo 2000 Gen 10 Plus |
|
CWE | CWE-428 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 6.7 |
CPE | cpe:2.3:h:hpe:synergy_480_gen9:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:synergy_680_gen9:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:apollo_20:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:apollo_80:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:apollo_6500:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:* cpe:2.3:h:hpe:proliant_dl:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:proliant_ml:-:*:*:*:*:*:*:* cpe:2.3:a:hpe:agentless_management:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:apollo_2000_gen_10_plus:-:*:*:*:*:*:*:* cpe:2.3:a:hpe:proliant_agentless_management:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:synergy_660_gen9:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:synergy_620_gen9:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:apollo_6500_gen10_plus:-:*:*:*:*:*:*:* |
04 Feb 2022, 23:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-04 23:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-29218
Mitre link : CVE-2021-29218
CVE.ORG link : CVE-2021-29218
JSON object : View
Products Affected
hpe
- proliant_dl
- synergy_680_gen9
- apollo_6500
- apollo_20
- agentless_management
- apollo_6500_gen10_plus
- synergy_480_gen9
- synergy_660_gen9
- apollo_2000_gen_10_plus
- apollo_80
- proliant_agentless_management
- synergy_620_gen9
- proliant_ml
microsoft
- windows
CWE
CWE-428
Unquoted Search Path or Element