تنبيه HPE
2627تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
18 سبتمبر, 2022
● عالي
2022-5255
الكل
أصدرت HPE تحديثاً لمعالجة عددٍ من الثغرات في المنتجات التالية:
- HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers - Prior to 2.72
- HPE Apollo 2000 Gen10 Plus System - Prior to 2.72
- HPE Apollo 4200 Gen10 Plus System - Prior to 2.72
- HPE Apollo 4200 Gen10 Server - Prior to 2.72 - HPE ProLiant XL420 Gen10 Server
- HPE Apollo 4500 System - Prior to 2.72
- HPE Apollo 4510 Gen10 System - Prior to 2.72
- HPE Apollo 6500 Gen10 Plus System - Prior to 2.72
- HPE Apollo n2600 Gen10 Plus - Prior to 2.72
- HPE Apollo n2800 Gen10 Plus - Prior to 2.72
- HPE Apollo r2000 Chassis - Prior to 2.72 - HPE Apollo r2800 Gen10 , r2600 Gen10, r2800 Gen10
- HPE Edgeline e920 Server Blade - Prior to 2.72
- HPE Edgeline e920d Server Blade - Prior to 2.72
- HPE Edgeline e920t Server Blade - Prior to 2.72
- HPE ProLiant BL460c Gen10 Server Blade - Prior to 2.72
- HPE ProLiant DL110 Gen10 Plus Telco server - Prior to 2.72
- HPE ProLiant DL160 Gen10 Server - Prior to 2.72
- HPE ProLiant DL180 Gen10 Server - Prior to 2.72
- HPE ProLiant DL20 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL20 Gen10 Server - Prior to 2.72
- HPE ProLiant DL325 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL325 Gen10 Plus v2 server - Prior to 2.72
- HPE ProLiant DL325 Gen10 Server - Prior to 2.72
- HPE ProLiant DL345 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL360 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL360 Gen10 Server - Prior to 2.72
- HPE ProLiant DL365 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL380 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL380 Gen10 Server - Prior to 2.72
- HPE ProLiant DL385 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DL385 Gen10 Plus v2 server - Prior to 2.72
- HPE ProLiant DL385 Gen10 Server - Prior to 2.72
- HPE ProLiant DL560 Gen10 Server - Prior to 2.72
- HPE ProLiant DL580 Gen10 Server - Prior to 2.72
- HPE ProLiant DX170r Gen10 server - Prior to 2.72
- HPE ProLiant DX190r Gen10 server - Prior to 2.72
- HPE ProLiant DX220n Gen10 Plus server - Prior to 2.72
- HPE ProLiant DX325 Gen10 Plus v2 server - Prior to 2.72
- HPE ProLiant DX360 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DX360 Gen10 server - Prior to 2.72
- HPE ProLiant DX380 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DX380 Gen10 server - Prior to 2.72
- HPE ProLiant DX385 Gen10 Plus server - Prior to 2.72
- HPE ProLiant DX385 Gen10 Plus v2 server - Prior to 2.72
- HPE ProLiant DX560 Gen10 server - Prior to 2.72
- HPE ProLiant DX4200 Gen10 server - Prior to 2.72
- HPE ProLiant e910 Server Blade - Prior to 2.72
- HPE ProLiant e910t Server Blade - Prior to 2.72
- HPE ProLiant m750 Server Blade - Prior to 2.72
- HPE ProLiant MicroServer Gen10 Plus - Prior to 2.72
- HPE ProLiant ML30 Gen10 Plus server - Prior to 2.72
- HPE ProLiant ML30 Gen10 Server - Prior to 2.72
- HPE ProLiant ML110 Gen10 Server - Prior to 2.72
- HPE ProLiant ML350 Gen10 Server - Prior to 2.72
- HPE ProLiant XL170r Gen10 Server - Prior to 2.72
- HPE ProLiant XL190r Gen10 Server - Prior to 2.72
- HPE ProLiant XL220n Gen10 Plus Server - Prior to 2.72
- HPE ProLiant XL225n Gen10 Plus 1U Node - Prior to 2.72
- HPE ProLiant XL230k Gen10 Server - Prior to 2.72
- HPE ProLiant XL270d Gen10 Server - Prior to 2.72
- HPE ProLiant XL290n Gen10 Plus Server - Prior to 2.72
- HPE ProLiant XL450 Gen10 Server - Prior to 2.72
- HPE ProLiant XL645d Gen10 Plus Server - Prior to 2.72
- HPE ProLiant XL675d Gen10 Plus Server - Prior to 2.72
- HPE ProLiant XL925g Gen10 Plus 1U 4-node Configure-to-order Server - Prior to 2.72
- HPE Storage File Controller - Prior to 2.72
- HPE Storage Performance File Controller - Prior to 2.72
- HPE StoreEasy 1460 Storage - Prior to 2.72
- HPE StoreEasy 1560 Storage - Prior to 2.72
- HPE StoreEasy 1660 Expanded Storage - Prior to 2.72
- HPE StoreEasy 1660 Performance Storage - Prior to 2.72
- HPE StoreEasy 1660 Storage - Prior to 2.72
- HPE StoreEasy 1860 Performance Storage - Prior to 2.72
- HPE StoreEasy 1860 Storage - Prior to 2.72
- ClearPass Policy Manager 6.10.x: 6.10.6 and below
- ClearPass Policy Manager 6.9.x: 6.9.11 and below
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- الكشف والإفصاح عن معلومات حساسة
- رفع وترقية الصلاحيات
- هجمة حجب الخدمة
يوصي المركز بتحديث النسخ المتأثرة، حيث أصدرت HPE توضيحًا لهذه التحديثات: