HPE Alert
3076Warning Date
Severity Level
Warning Number
Target Sector
12 May, 2022
● High
2022-4819
All
HPE has released a security update to address several vulnerabilities in the following products:
- HPE StoreEasy 1460 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE StoreEasy 1560 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U33
- HPE StoreEasy 1660 Expanded Storage - Prior to 2.64_04_21_2022 - Use BIOS family U39
- HPE StoreEasy 1660 Performance Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE StoreEasy 1660 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE StoreEasy 1860 Performance Storage - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE StoreEasy 1860 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE Storage File Controller - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE Storage Performance File Controller - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE 3PAR StoreServ File Controller v3 System - Prior to 2.94_04_14_2022 - Use BIOS family U14
- HPE StoreEasy 1450 Storage - Prior to 2.94_04_14_2022 - Use BIOS family P89
- HPE StoreEasy 1550 Storage - Prior to 2.94_04_14_2022 - Use BIOS family P99
- HPE StoreEasy 1650 Expanded Storage - Prior to 2.94_04_14_2022 - Use BIOS family U19
- HPE StoreEasy 1650 Storage - Prior to 2.94_04_14_2022 - Use BIOS family P89
- HPE StoreEasy 1850 Storage - Prior to 2.94_04_14_2022 - Use BIOS family P89
- HPE StoreEasy 3850 Gateway Storage - Prior to 2.94_04_14_2022 - Use BIOS family U14
- HPE StoreEasy 3850 Gateway Storage Blade - Prior to 2.94_04_14_2022 - Use BIOS family I36
- HPE StoreVirtual 3000 Storage - Prior to 2.94_04_14_2022 - Use BIOS family P86
- HPE StoreEasy 1460 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE StoreEasy 1560 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U33
- HPE StoreEasy 1660 Expanded Storage - Prior to 2.64_04_21_2022 - Use BIOS family U39
- HPE StoreEasy 1660 Performance Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE StoreEasy 1660 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE StoreEasy 1860 Performance Storage - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE StoreEasy 1860 Storage - Prior to 2.64_04_21_2022 - Use BIOS family U30
- HPE Storage File Controller - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE Storage Performance File Controller - Prior to 2.64_04_21_2022 - Use BIOS family U32
- HPE ProLiant DX170r Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX190r Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX360 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX380 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX560 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX4200 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX170r Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX190r Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX360 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX380 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX560 Gen10 server - Prior to 2.64_04_21_2022
- HPE ProLiant DX4200 Gen10 server - Prior to 2.64_04_21_2022
- HPE Synergy 480 Gen10 Compute Module - Prior to System BIOS 2.64_04_21_2022
- HPE Synergy 660 Gen10 Compute Module - Prior to System BIOS 2.64_04_21_2022
- HPE Synergy 480 Gen10 Compute Module - Prior to System BIOS 2.64_04_21_2022
- HPE Synergy 660 Gen10 Compute Module - Prior to System BIOS 2.64_04_21_2022
- HPE Synergy 480 Gen9 Compute Module - Prior to System BIOS 2.94_04_14_2022
- HPE Synergy 620 Gen9 Compute Module - Prior to System BIOS 2.94_04_14_2022
- HPE Synergy 660 Gen9 Compute Module - Prior to System BIOS 2.94_04_14_2022
- HPE Synergy 680 Gen9 Compute Module - Prior to System BIOS 2.94_04_14_2022
- HPE Nimble Storage Hybrid Flash Arrays 5.0.10.0 and earlier, 5.2.1.400 and earlier, and 5.3.1.0 and earlier
- Nimble Storage All Flash Arrays 5.0.10.0 and earlier, 5.2.1.400 and earlier, and 5.3.1.0 and earlier
- Nimble Storage Secondary Flash Arrays 5.0.10.0 and earlier, 5.2.1.400 and earlier, and 5.3.1.0 and earlier
- HPE Apollo 4200 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant BL460c Gen10 Server Blade - Prior to 2.64_04_21_2022
- HPE ProLiant DL20 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant DL20 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant DL160 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL180 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL360 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL380 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL560 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL580 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant ML30 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant ML30 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant ML110 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant ML350 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant MicroServer Gen10 Plus - Prior to 2.58_04_14_2022
- HPE ProLiant XL170r Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL190r Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL230k Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL270d Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL450 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant BL460c Gen9 Server Blade - Prior to 2.94_04_14_2022
- HPE ProLiant BL480c Server Blade - Prior to 2.94_04_14_2022
- HPE ProLiant BL660c Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL20 Gen9 Server - Prior to 3.06_04_14_2022
- HPE ProLiant DL60 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL120 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL160 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL180 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL360 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL560 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL580 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant ML30 Gen9 Server - Prior to 3.06_04_14_2022
- HPE ProLiant ML110 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant ML150 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant ML350 Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant XL170r Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant XL190r Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant XL230a Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant XL230b Gen9 Server - Prior to 2.94_04_14_2022
- HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - Prior to 2.94_04_14_2022
- HPE ProLiant DL20 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant DL20 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant ML30 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant ML30 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant MicroServer Gen10 Plus - Prior to 2.58_04_14_2022
- HPE ProLiant DL20 Gen9 Server - Prior to 3.06_04_14_2022
- HPE ProLiant ML30 Gen9 Server - Prior to 3.06_04_14_2022
- HPE Apollo 4200 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant BL460c Gen10 Server Blade - Prior to 2.64_04_21_2022
- HPE ProLiant DL160 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL180 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL360 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL380 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL560 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL580 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant ML110 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant ML350 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL170r Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL190r Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL230k Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL270d Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant XL450 Gen10 Server - Prior to 2.64_04_21_2022
- HPE ProLiant DL20 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant DL20 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant ML30 Gen10 Server - Prior to 2.58_04_14_2022
- HPE ProLiant ML30 Gen10 Plus server - Prior to 1.58_04_18_2022
- HPE ProLiant MicroServer Gen10 Plus - Prior to 2.58_04_14_2022
- HPE ProLiant DL20 Gen9 Server - Prior to 3.06_04_14_2022
- HPE ProLiant ML30 Gen9 Server - Prior to 3.06_04_14_2022
An attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Disclosure of Information
- Escalation of Privilege
The CERT team encourages users to review HPE security advisory and apply the necessary updates:
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04294en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04295en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04297en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04296en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04293en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04276en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04286en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04288en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04289en_us
- https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04290en_us