CVE-2021-26576

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hpe:baseboard_management_controller:*:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_70_system:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:56

Type Values Removed Values Added
References () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us - Patch, Vendor Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04080en_us - Patch, Vendor Advisory

Information

Published : 2021-02-08 21:15

Updated : 2024-11-21 05:56


NVD link : CVE-2021-26576

Mitre link : CVE-2021-26576

CVE.ORG link : CVE-2021-26576


JSON object : View

Products Affected

hpe

  • apollo_70_system
  • baseboard_management_controller
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')