Advisory No: TZCERT/SA/2024/05/31-2
Date of First Release: 31st May 2024
Source: Hewlett-Packard (HP)
Software Affected: Servers
Overview:
HPE ProLiant and HPE Edgeline Servers are vulnerable to multiple high severity vulnerabilities. The attackers can leverage the vulnerabilities to take control of the affected system.
Description:
The five high-severity vulnerabilities among other vulnerabilities affecting the HPE ProLiant and Edgeline servers are tracked as CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235 and CVE-2021-38575. These vulnerabilities could be remotely exploited to allow remote code execution, denial of service, information disclosure and local unauthorized access.
Impact:
Successful exploitation of these vulnerabilities may allow an attacker to take control of the vulnerable system
Solution:
HP has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.
References:
- https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04593en_us&docLocale=en_US