CVE-2018-7112

First published: Mon Dec 03 2018(Updated: )

The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
Hp Integrated Lights-out 2 Firmware	<2.33
Hp Integrated Lights-out 2
Hp Proliant Gen6 Server
Hp Integrated Lights-out 3 Firmware	<1.90
Hp Integrated Lights-out
Hp Proliant Gen7 Server
Hp Integrated Lights-out 4 Firmware	<2.60
Hp Proliant Gen8 Server
Hp Proliant Xl750f Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl750f Gen9 Server
Hp Proliant Xl740f Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl740f Gen9 Server
Hp Proliant Xl730f Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl730f Gen9 Server
Hp Proliant Xl450 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl450 Gen9 Server
Hp Proliant Xl270d Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl270d Gen9 Server
Hp Proliant Xl270d Gen9 Accelerator Tray Firmware	<2.56_01-22-2018
Hp Proliant Xl270d Gen9 Accelerator Tray
Hp Proliant Xl260a Gen9 Server Firmware	<1.60_01-22-2018
Hp Proliant Xl260a Gen9 Server
Hp Proliant Xl250a Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl250a Gen9 Server
Hp Proliant Xl230a Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl230a Gen9 Server
Hp Proliant Xl190r Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl190r Gen9 Server
Hp Proliant Xl170r Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Xl170r Gen9 Server
Hp Proliant Dl560 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl560 Gen9 Server
Hp Proliant Dl380 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl380 Gen9 Server
Hp Proliant Dl360 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl360 Gen9 Server
Hp Proliant Dl180 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl180 Gen9 Server
Hp Proliant Dl160 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl160 Gen9 Server
Hp Proliant Dl120 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl120 Gen9 Server
Hp Proliant Dl80 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl80 Gen9 Server
Hp Proliant Dl60 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl60 Gen9 Server
Hp Proliant Dl20 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Dl20 Gen9 Server
Hp Proliant Ml350 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Ml350 Gen9 Server
Hp Proliant Ml150 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Ml150 Gen9 Server
Hp Proliant Ml110 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Ml110 Gen9 Server
Hp Proliant Ml30 Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Ml30 Gen9 Server
Hp Proliant Ml10 Gen9 Server Firmware	<2018.01.22
Hp Proliant Ml10 Gen9 Server
Hp Proliant Bl660c Gen9 Server Firmware	<2.56_01-22-2018
Hp Proliant Bl660c Gen9 Server
Hp Proliant Bl460c Gen9 Server Blade Firmware	<2.56_01-22-2018
Hp Proliant Bl460c Gen9 Server Blade
Hp Proliant Ws460c Gen9 Workstation Firmware	<2.56_01-22-2018
Hp Proliant Ws460c Gen9 Workstation
Hp Proliant Dl380e Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl380e Gen8 Server
Hp Proliant Dl360p Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl360p Gen8 Server
Hp Proliant Dl360e Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl360e Gen8 Server
Hp Proliant Dl320e Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl320e Gen8 Server
Hp Proliant Dl320e Gen8 V2 Server Firmware	<2018.01.22
Hp Proliant Dl320e Gen8 V2 Server
Hp Proliant Dl160 Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl160 Gen8 Server
Hp Proliant Sl250s Gen8 Server Firmware	<2018.01.22
Hp Proliant Sl250s Gen8 Server
Hp Proliant Sl210t Gen8 Server Firmware	<2018.01.22
Hp Proliant Sl210t Gen8 Server
Hp Proliant Bl660c Gen8 Server Blade Firmware	<2018.01.22
Hp Proliant Bl660c Gen8 Server
Hp Proliant Bl465c Gen8 \(amd\) Firmware	<2018.03.14
Hp Proliant Bl465c Gen8 \(amd\)
Hp Proliant Bl460c Gen8 Server Blade Firmware	<2018.01.22
Hp Proliant Bl460c Gen8 Server Blade
Hp Proliant Bl420c Gen8 Server Firmware	<2018.01.22
Hp Proliant Bl420c Gen8 Server
Hp Proliant Sl4540 Gen8 1 Node Server Firmware	<2018.01.22
Hp Proliant Sl4540 Gen8 1 Node Server
Hp Proliant Sl270s Gen8 Server Firmware	<2018.01.22
Hp Proliant Sl270s Gen8 Server
Hp Proliant Dl580 Gen8 Server Firmware	<2.00_02-22-2018
Hp Proliant Dl580 Gen8 Server
Hp Proliant Dl560 Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl560 Gen8 Server
Hp Proliant Dl380p Gen8 Server Firmware	<2018.01.22
Hp Proliant Dl380p Gen8 Server
Hp Proliant Dl385p Gen8 \(amd\) Firmware	<2018.03.14
Hp Proliant Dl385p Gen8 \(amd\)
Hp Proliant Ml350e Gen8 V2 Server Firmware	<2018.01.22
Hp Proliant Ml350e Gen8 V2 Server
Hp Proliant Ml350e Gen8 Server Firmware	<2018.01.22
Hp Proliant Ml350e Gen8 Server
Hp Proliant Ml350p Gen8 Server Firmware	<2018.01.22
Hp Proliant Ml350p Gen8 Server
Hp Proliant Ml310e Gen8 V2 Server Firmware	<2018.01.22
Hp Proliant Ml310e Gen8 V2 Server
Hp Proliant Ml310e Gen8 Server Firmware	<2018.01.22
Hp Proliant Ml310e Gen8 Server
Hp Proliant Microserver Gen8 Firmware	<2018.01.22
Hp Proliant Microserver Gen8
Hp Proliant M710 Server Cartridge Firmware	<2018.01.22
Hp Proliant M710 Server Cartridge
Hp Proliant M710p Server Cartridge Firmware	<2018.01.22
Hp Proliant M710p Server Cartridge
Hp Proliant M710x Server Cartridge Firmware	<1.64_01-22-2018
Hp Proliant M710x Server Cartridge
Hp Proliant M510 Server Cartridge Firmware	<1.64_01-22-2018
Hp Proliant M510 Server Cartridge
Hp Proliant M350 Server Cartridge Firmware	<2018.01.22
Hp Proliant M350 Server Cartridge
Hp Proliant M300 Server Cartridge Firmware	<2018.01.22
Hp Proliant M300 Server Cartridge
Hp Proliant Bl2x220c G7 Server Blade Firmware	<2018.05.21
Hp Proliant Bl2x220c G7 Server Blade
Hp Proliant Dl585 G7 Server \(amd\) Firmware	<2018.03.14
Hp Proliant Dl585 G7 Server \(amd\)
Hp Proliant Dl980 G7 Server Firmware	<2018.05.21
Hp Proliant Dl980 G7 Server
Hp Proliant Dl580 G7 Server Firmware	<2018.05.21
Hp Proliant Dl580 G7 Server
Hp Proliant Dl385 G7 Server Firmware	<2018.03.14
Hp Proliant Dl385 G7 Server
Hp Proliant Dl380 G7 Server Firmware
Hp Proliant Dl380 G7 Server
Hp Proliant Dl120 G7 Server Firmware	<2018.05.21
Hp Proliant Dl120 G7 Server
Hp Proliant Dl360 G7 Server Firmware	<2018.05.21
Hp Proliant Dl360 G7 Server
Hp Proliant Bl685c G7 Server Blade \(amd\) Firmware	<2018.03.14
Hp Proliant Bl685c G7 Server Blade \(amd\)
Hp Proliant Bl680c G7 Server Blade Firmware	<2018.05.21
Hp Proliant Bl680c G7 Server Blade
Hp Proliant Bl620c G7 Server Blade Firmware	<2018.05.21
Hp Proliant Bl620c G7 Server Blade
Hp Proliant Bl490c G7 Server Blade Firmware	<2018.05.21
Hp Proliant Bl490c G7 Server Blade
Hp Proliant Bl465c G7 Server Blade Firmware	<2018.03.14
Hp Proliant Bl465c G7 Server Blade
Hp Proliant Bl460c G7 Server Blade Firmware	<2018.05.21
Hp Proliant Bl460c G7 Server Blade
Hp Proliant Sl390s G7 Server Firmware	<2018.05.21
Hp Proliant Sl390s G7 Server
Hp Proliant Ml110 G7 Server Firmware	<2018.05.21
Hp Proliant Ml110 G7 Server
Hp Proliant Ml10 V2 Server Firmware	<2018.01.22
Hp Proliant Ml10 V2 Server
Hp Proliant Sl4545 G7 Server \(amd\) Firmware	=2018.03.14\(a\)
Hp Proliant Sl4545 G7 Server \(amd\)
Hp Proliant Thin Micro Tm200 Server Firmware	<2.56_01-22-2018
Hp Proliant Thin Micro Tm200 Server
Hp Proliant Dl380 G6 Server Firmware	<2018.05.21
Hp Proliant Dl380 G6 Server
Hp Proliant Dl370 G6 Server Firmware	<2018.05.21
Hp Proliant Dl370 G6 Server
Hp Proliant Dl360 G6 Server Firmware	<2018.05.21
Hp Proliant Dl360 G6 Server
Hp Proliant Dl320 G6 Server Firmware	<2018.05.21
Hp Proliant Dl320 G6 Server
Hp Proliant Dl180 G6 Server Firmware
Hp Proliant Dl180 G6 Server
Hp Proliant Dl170h G6 Server Firmware
Hp Proliant Dl170h G6 Server
Hp Proliant Dl170e G6 Server Firmware
Hp Proliant Dl170e G6 Server
Hp Proliant Dl160 G6 Server Firmware
Hp Proliant Dl160 G6 Server
Hp Proliant Dl120 G6 Server Firmware
Hp Proliant Dl120 G6 Server
Hp Proliant Ml370 G6 Server Firmware	<2018.05.21
Hp Proliant Ml370 G6 Server
Hp Proliant Ml350 G6 Server Firmware	<2018.05.21
Hp Proliant Ml350 G6 Server
Hp Proliant Ml330 G6 Server Firmware	<2018.05.21
Hp Proliant Ml330 G6 Server
Hp Proliant Ml150 G6 Server Firmware
Hp Proliant Ml150 G6 Server
Hp Proliant Ml110 G6 Server Firmware
Hp Proliant Ml110 G6 Server
Hp Proliant Sl2x170z G6 Server Firmware
Hp Proliant Sl2x170z G6 Server
Hp Proliant Bl490c G6 Server Blade Firmware	<2018.05.21
Hp Proliant Bl490c G6 Server Blade
Hp Proliant Bl460c G6 Server Blade Firmware	<2018.05.21
Hp Proliant Bl460c G6 Server Blade
Hp Proliant Sl170z G6 Server Firmware
Hp Proliant Sl170z G6 Server
Hp Proliant Sl160s G6 Server Firmware
Hp Proliant Sl160s G6 Server
Hp Proliant Bl2x220c G6 Server Blade Firmware	<2018.05.21
Hp Proliant Bl2x220c G6 Server Blade
Hp Proliant Bl280c G6 Server Bladefirmware	<2018.05.21
Hp Proliant Bl280c G6 Server

CVE-2018-7112

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact