CVE-2021-29206: XSS
First published: Tue May 25 2021(Updated: )
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP Integrated Lights-Out 4 | <2.78 | |
| Hp Simplivity 380 Gen9 | ||
| Hp Integrated Lights-out 5 | <2.44 | |
| Hp Proliant Bl460c Gen10 Server Blade | ||
| Hp Proliant Dl120 Gen10 Server | ||
| Hp Proliant Dl160 Gen10 Server | ||
| Hp Proliant Dl180 Gen10 Server | ||
| Hp Proliant Dl20 Gen10 Server | ||
| Hp Proliant Dl325 Gen10 Plus Server | ||
| Hp Proliant Dl325 Gen10 Server | ||
| Hp Proliant Dl360 Gen10 Server | ||
| Hp Proliant Dl380 Gen10 Server | ||
| Hp Proliant Dl385 Gen10 Plus Server | ||
| Hp Proliant Dl385 Gen10 Server | ||
| Hp Proliant Dl560 Gen10 Server | ||
| Hp Proliant Dl580 Gen10 Server | ||
| Hp Proliant Ml110 Gen10 Server | ||
| Hp Proliant Ml30 Gen10 Server | ||
| Hp Proliant Ml350 Gen10 Server | ||
| Hp Proliant Xl170r Gen10 Server | ||
| Hp Proliant Xl190r Gen10 Server | ||
| Hp Proliant Xl230k Gen10 Server | ||
| Hp Proliant Xl270d Gen10 Server | ||
| Hp Proliant Xl450 Gen10 Server | ||
| Hp Simplivity 2600 | ||
| Hp Simplivity 325 | ||
| Hp Simplivity 380 Gen10 | ||
| Hp Simplivity 380 Gen10 G | ||
| Hp Simplivity 380 Gen10 H |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-29206.
What is the severity of CVE-2021-29206?
The severity of CVE-2021-29206 is medium with a score of 4.8.
Which software is affected by CVE-2021-29206?
HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, and various HPE SimpliVity models are affected.
How do I fix CVE-2021-29206?
Apply the necessary patch or update provided by HP Enterprise (HPE).
Where can I find more information about CVE-2021-29206?
You can find more information about CVE-2021-29206 on the HPE Support website.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/hp
- canonical/hp integrated lights-out 4
- canonical/hp simplivity 380 gen9
- canonical/hp integrated lights-out 5
- canonical/hp proliant bl460c gen10 server blade
- canonical/hp proliant dl120 gen10 server
- canonical/hp proliant dl160 gen10 server
- canonical/hp proliant dl180 gen10 server
- canonical/hp proliant dl20 gen10 server
- canonical/hp proliant dl325 gen10 plus server
- canonical/hp proliant dl325 gen10 server
- canonical/hp proliant dl360 gen10 server
- canonical/hp proliant dl380 gen10 server
- canonical/hp proliant dl385 gen10 plus server
- canonical/hp proliant dl385 gen10 server
- canonical/hp proliant dl560 gen10 server
- canonical/hp proliant dl580 gen10 server
- canonical/hp proliant ml110 gen10 server
- canonical/hp proliant ml30 gen10 server
- canonical/hp proliant ml350 gen10 server
- canonical/hp proliant xl170r gen10 server
- canonical/hp proliant xl190r gen10 server
- canonical/hp proliant xl230k gen10 server
- canonical/hp proliant xl270d gen10 server
- canonical/hp proliant xl450 gen10 server
- canonical/hp simplivity 2600
- canonical/hp simplivity 325
- canonical/hp simplivity 380 gen10
- canonical/hp simplivity 380 gen10 g
- canonical/hp simplivity 380 gen10 h