Vulnerability CVE-2018-7112


Published: 2018-12-03

Description:
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.

Type:

CWE-200

(Information Exposure)

Vendor: HP
Product: Proliant sl4545 g7 server (amd) firmware 
Version: 2018.03.14(a);
Product: Integrated lights-out 2 firmware 
Version:
2.25
2.23
2.22
2.20
2.15
2.12
1.77
1.75
1.70
1.30
1.20
1.10
1.00
Product: Integrated lights-out 4 firmware 
Version:
2.03
2.01
1.20
1.13
1.11
Product: Integrated lights-out 3 firmware 
Version:
1.80
1.55
1.50
1.28
1.26
1.20
1.05
1.00
Product: Proliant ml110 g6 server firmware 
Product: Proliant dl160 g6 server firmware 
Product: Proliant sl160s g6 server firmware 
Product: Proliant dl170h g6 server firmware 
Product: Proliant sl2x170z g6 server firmware 
Product: Proliant dl120 g6 server firmware 
Product: Proliant ml150 g6 server firmware 
Product: Proliant dl170e g6 server firmware 
Product: Proliant sl170z g6 server firmware 
Product: Proliant dl180 g6 server firmware 
Product: Proliant dl380 g7 server firmware 

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
6.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None

 References:
http://www.securitytracker.com/id/1041984
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03805en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03869en_us

Related CVE
CVE-2018-5927
HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code.
CVE-2018-5926
A potential vulnerability has been identified in HP Remote Graphics Software?s certificate authentication process version 7.5.0 and earlier.
CVE-2018-5923
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
CVE-2017-2752
A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as...
CVE-2017-2748
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.
CVE-2019-3484
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3483
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3482
Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.

Copyright 2019, cxsecurity.com

 

Back to Top