What is the severity of CVE-2021-29208?

The severity of CVE-2021-29208 is medium, with a severity value of 4.8.

What is the affected software for CVE-2021-29208?

The affected software for CVE-2021-29208 includes HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE SimpliVity 380 Gen10, HPE SimpliVity 2600, and more.

What is the description of CVE-2021-29208?

CVE-2021-29208 is a remote DOM XSS and CRLF injection vulnerability discovered in HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE SimpliVity 380 Gen9, and other HPE software.

How do I fix CVE-2021-29208?

To fix CVE-2021-29208, it is recommended to apply the necessary security patches provided by HPE and follow the recommendations outlined in the official security advisory.

Where can I find more information about CVE-2021-29208?

You can find more information about CVE-2021-29208 in the official security advisory provided by HPE.

Vulnerability/
CVE-2021-29208

medium

4.8

CWE

74 79 93

25/5/2021

25/4/2022

CVE-2021-29208: XSS

First published: Tue May 25 2021(Updated: )

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
HP Integrated Lights-Out 4	<2.78
Hp Simplivity 380 Gen9
Hp Integrated Lights-out 5	<2.44
Hp Proliant Bl460c Gen10 Server Blade
Hp Proliant Dl120 Gen10 Server
Hp Proliant Dl160 Gen10 Server
Hp Proliant Dl180 Gen10 Server
Hp Proliant Dl20 Gen10 Server
Hp Proliant Dl325 Gen10 Plus Server
Hp Proliant Dl325 Gen10 Server
Hp Proliant Dl360 Gen10 Server
Hp Proliant Dl380 Gen10 Server
Hp Proliant Dl385 Gen10 Plus Server
Hp Proliant Dl385 Gen10 Server
Hp Proliant Dl560 Gen10 Server
Hp Proliant Dl580 Gen10 Server
Hp Proliant Ml110 Gen10 Server
Hp Proliant Ml30 Gen10 Server
Hp Proliant Ml350 Gen10 Server
Hp Proliant Xl170r Gen10 Server
Hp Proliant Xl190r Gen10 Server
Hp Proliant Xl230k Gen10 Server
Hp Proliant Xl270d Gen10 Server
Hp Proliant Xl450 Gen10 Server
Hp Simplivity 2600
Hp Simplivity 325
Hp Simplivity 380 Gen10
Hp Simplivity 380 Gen10 G
Hp Simplivity 380 Gen10 H

Never miss a vulnerability like this again

Reference Links

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04134en_us

Frequently Asked Questions

What is the severity of CVE-2021-29208?
The severity of CVE-2021-29208 is medium, with a severity value of 4.8.
What is the affected software for CVE-2021-29208?
The affected software for CVE-2021-29208 includes HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE SimpliVity 380 Gen10, HPE SimpliVity 2600, and more.
What is the description of CVE-2021-29208?
CVE-2021-29208 is a remote DOM XSS and CRLF injection vulnerability discovered in HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE SimpliVity 380 Gen9, and other HPE software.
How do I fix CVE-2021-29208?
To fix CVE-2021-29208, it is recommended to apply the necessary security patches provided by HPE and follow the recommendations outlined in the official security advisory.
Where can I find more information about CVE-2021-29208?
You can find more information about CVE-2021-29208 in the official security advisory provided by HPE.