CVE-2017-8959
First published: Thu Feb 15 2018(Updated: )
An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HPE MSA 1040 Firmware | <=gl220p008 | |
| HP MSA 1040 SAN Storage Firmware | ||
| HPE MSA 2040 Firmware | <=gl220p008 | |
| HP MSA 2040 SAN Storage |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-8959?
CVE-2017-8959 has been classified with a critical severity rating due to its potential for authentication bypass.
How do I fix CVE-2017-8959?
To mitigate CVE-2017-8959, upgrade the HPE MSA 1040 or HPE MSA 2040 SAN Storage Firmware to a version later than GL220P008.
Which products are affected by CVE-2017-8959?
CVE-2017-8959 affects HPE MSA 1040 and HPE MSA 2040 SAN Storage systems running GL220P008 or earlier.
What is the impact of CVE-2017-8959?
The impact of CVE-2017-8959 is that unauthorized users may gain access to sensitive storage resources.
Is my HPE MSA 1040 or HPE MSA 2040 vulnerable if it is updated?
If your HPE MSA 1040 or HPE MSA 2040 has been updated to a firmware version after GL220P008, it is not vulnerable to CVE-2017-8959.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hp
- canonical/hpe msa 1040 firmware
- version/hpe msa 1040 firmware/gl220p008
- canonical/hp msa 1040 san storage firmware
- canonical/hpe msa 2040 firmware
- version/hpe msa 2040 firmware/gl220p008
- canonical/hp msa 2040 san storage