- Description
- A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy running firmware 5.00.50, which is part of the HPE Synergy Custom SPP 2018.11.20190205, could allow local or remote unauthorized elevation of privilege.
- Source
- security-alert@hpe.com
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:synergy_firmware:5.00.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BAFCDA2-7A43-457F-826D-497E5AC6E51C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:synergy:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1D8B1326-6F8E-47AE-89CB-3FF42ADD6370"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]