Multiple vulnerabilities in HPE firmware



Published: 2018-01-23
Risk: Low
Patch available: YES
Number of vulnerabilities: 3
CVE-ID: CVE-2017-5754, CVE-2017-5715, CVE-2017-5753
CWE-ID: CWE-200
Exploitation vector: Local
Public exploit: Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Vulnerability #3 is being exploited in the wild.
Vulnerable software
HPE Cloudline CL2200 G3 1211R 12 LFF Configure
Hardware solutions / Firmware

HPE Cloudline CL2100 G3 806R 8SFF Configure
Hardware solutions / Firmware

HPE Cloudline CL2100 G3 407S 4 LFF Configure
Hardware solutions / Firmware

HPE Cloudline CL2100 G3 807S 8 SFF Configure
Hardware solutions / Firmware

HPE Cloudline CL3100 G3 Server
Hardware solutions / Firmware

HPE Cloudline CL5200 G3 Server
Hardware solutions / Firmware

HPE Cloudline CL3150 G4 Server
Hardware solutions / Firmware

HPE Cloudline CL2200 Gen10 Server
Hardware solutions / Firmware

HPE Cloudline CL2100 Gen10 Server
Hardware solutions / Firmware

HP ProLiant DL580 Gen8 Server
Hardware solutions / Firmware

HPE Converged Architecture 700
Hardware solutions / Firmware

HP ConvergedSystem 700
Hardware solutions / Firmware

HPE StoreEasy 1850 Storage
Hardware solutions / Firmware

HPE StoreEasy 3850 Gateway Storage
Hardware solutions / Firmware

HPE StoreEasy 1650 Storage
Hardware solutions / Firmware

HPE StoreEasy 1550 Storage
Hardware solutions / Firmware

HPE StoreEasy 1450 Storage
Hardware solutions / Firmware

HPE StoreVirtual 3000 File Controller
Hardware solutions / Firmware

HP 3PAR StoreServ File Controller
Hardware solutions / Firmware

HPE Superdome Flex Server
Hardware solutions / Firmware

HPE ProLiant ML310e Gen8 v2 Server
Hardware solutions / Firmware

HPE ProLiant MicroServer Gen8
Hardware solutions / Firmware

HPE ProLiant m300 Server Cartridge
Hardware solutions / Firmware

HPE ProLiant m350 Server Cartridge
Hardware solutions / Firmware

HPE ProLiant ML10 v2 Server
Hardware solutions / Firmware

HPE ProLiant Thin Micro TM200 Server
Hardware solutions / Firmware

HPE Synergy Composer
Hardware solutions / Firmware

HP ProLiant DL980 G7 Server
Hardware solutions / Firmware

HP ProLiant m710 Server Cartridge
Hardware solutions / Firmware

HPE ProLiant m710x Server Cartridge
Hardware solutions / Firmware

HPE ProLiant m710p Server Cartridge
Hardware solutions / Firmware

HPE ProLiant m510 Server Cartridge
Hardware solutions / Firmware

HPE Synergy 680 Gen9 Compute Module
Hardware solutions / Firmware

HP ProLiant XL220a Gen8 v2 Server
Hardware solutions / Firmware

HPE ProLiant DL580 Gen9 Server
Hardware solutions / Firmware

HPE Synergy 620 Gen9 Compute Module
Hardware solutions / Firmware

HPE ProLiant XL260a Gen9 Server
Hardware solutions / Firmware

HPE ProLiant WS460c Gen9 Workstation
Hardware solutions / Firmware

HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure
Hardware solutions / Firmware

HPE ProLiant DL180 Gen9 Server
Hardware solutions / Firmware

HP ProLiant DL80 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL190r Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL250a Gen9 Server
Hardware solutions / Firmware

HPE Synergy 480 Gen9 Compute Module
Hardware solutions / Firmware

HPE Synergy 660 Gen9 Compute Module
Hardware solutions / Firmware

HPE ProLiant DL20 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant ML30 Gen9 Server
Hardware solutions / Firmware

HP ProLiant BL660c Gen9 Server
Hardware solutions / Firmware

HPE ProLiant DL560 Gen9 Server
Hardware solutions / Firmware

HP ProLiant DL120 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant ML350 Gen9 Server
Hardware solutions / Firmware

HP ProLiant ML150 Gen9 Server
Hardware solutions / Firmware

HP ProLiant ML110 Gen9 Server
Hardware solutions / Firmware

HP ProLiant BL460c Gen9 Server Blade
Hardware solutions / Firmware

HPE Apollo 4200 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL450 Gen9 Server
Hardware solutions / Firmware

HP ProLiant DL380 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant DL360 Gen9 Server
Hardware solutions / Firmware

HP ProLiant DL160 Gen9 Server
Hardware solutions / Firmware

HP ProLiant DL60 Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL170r Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL750f Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL740f Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL230a Gen9 Server
Hardware solutions / Firmware

HPE ProLiant XL730f Gen9 Server
Hardware solutions / Firmware

HPE Synergy 480 Gen10 Compute Module
Hardware solutions / Firmware

HPE ProLiant XL230k Gen10 Server
Hardware solutions / Firmware

HPE ProLiant XL190r Gen10 Server
Hardware solutions / Firmware

HPE ProLiant BL460c Gen10 Server Blade
Hardware solutions / Firmware

HPE ProLiant XL170r Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL385 Gen10 Server
Hardware solutions / Firmware

HPE Synergy 660 Gen10 Compute Module
Hardware solutions / Firmware

HPE ProLiant XL450 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant ML350 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL120 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL560 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL580 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant ML110 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL360 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL160 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL180 Gen10 Server
Hardware solutions / Firmware

HPE ProLiant DL380 Gen10 Server
Hardware solutions / Firmware

Vendor: HPE

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU9882

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5754

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware, which is susceptible to side-channel attacks also referred to as Meltdown attacks. A local attacker can execute arbitrary code, perform a side-channel analysis of the data cache and gain access to sensitive information, including memory contents held in the CPU cache.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

HPE Cloudline CL2200 G3 1211R 12 LFF Configure: All versions

HPE Cloudline CL2100 G3 806R 8SFF Configure: All versions

HPE Cloudline CL2100 G3 407S 4 LFF Configure: All versions

HPE Cloudline CL2100 G3 807S 8 SFF Configure: All versions

HPE Cloudline CL3100 G3 Server: All versions

HPE Cloudline CL5200 G3 Server: All versions

HPE Cloudline CL3150 G4 Server: All versions

HPE Cloudline CL2200 Gen10 Server: All versions

HPE Cloudline CL2100 Gen10 Server: All versions

HP ProLiant DL580 Gen8 Server: All versions

HPE Converged Architecture 700: All versions

HP ConvergedSystem 700: All versions

HPE StoreEasy 1850 Storage: All versions

HPE StoreEasy 3850 Gateway Storage: All versions

HPE StoreEasy 1650 Storage: All versions

HPE StoreEasy 1550 Storage: All versions

HPE StoreEasy 1450 Storage: All versions

HPE StoreVirtual 3000 File Controller: All versions

HP 3PAR StoreServ File Controller: All versions

HPE Superdome Flex Server: All versions

HPE ProLiant ML310e Gen8 v2 Server: All versions

HPE ProLiant MicroServer Gen8: All versions

HPE ProLiant m300 Server Cartridge: All versions

HPE ProLiant m350 Server Cartridge: All versions

HPE ProLiant ML10 v2 Server: All versions

HPE ProLiant Thin Micro TM200 Server: All versions

HPE Synergy Composer: All versions

HP ProLiant DL980 G7 Server: All versions

HP ProLiant m710 Server Cartridge: All versions

HPE ProLiant m710x Server Cartridge: All versions

HPE ProLiant m710p Server Cartridge: All versions

HPE ProLiant m510 Server Cartridge: All versions

HPE Synergy 680 Gen9 Compute Module: All versions

HP ProLiant XL220a Gen8 v2 Server: All versions

HPE ProLiant DL580 Gen9 Server: All versions

HPE Synergy 620 Gen9 Compute Module: All versions

HPE ProLiant XL260a Gen9 Server: All versions

HPE ProLiant WS460c Gen9 Workstation: All versions

HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure: All versions

HPE ProLiant DL180 Gen9 Server: All versions

HP ProLiant DL80 Gen9 Server: All versions

HPE ProLiant XL190r Gen9 Server: All versions

HPE ProLiant XL250a Gen9 Server: All versions

HPE Synergy 480 Gen9 Compute Module: All versions

HPE Synergy 660 Gen9 Compute Module: All versions

HPE ProLiant DL20 Gen9 Server: All versions

HPE ProLiant ML30 Gen9 Server: All versions

HP ProLiant BL660c Gen9 Server: All versions

HPE ProLiant DL560 Gen9 Server: All versions

HP ProLiant DL120 Gen9 Server: All versions

HPE ProLiant ML350 Gen9 Server: All versions

HP ProLiant ML150 Gen9 Server: All versions

HP ProLiant ML110 Gen9 Server: All versions

HP ProLiant BL460c Gen9 Server Blade: All versions

HPE Apollo 4200 Gen9 Server: All versions

HPE ProLiant XL450 Gen9 Server: All versions

HP ProLiant DL380 Gen9 Server: All versions

HPE ProLiant DL360 Gen9 Server: All versions

HP ProLiant DL160 Gen9 Server: All versions

HP ProLiant DL60 Gen9 Server: All versions

HPE ProLiant XL170r Gen9 Server: All versions

HPE ProLiant XL750f Gen9 Server: All versions

HPE ProLiant XL740f Gen9 Server: All versions

HPE ProLiant XL230a Gen9 Server: All versions

HPE ProLiant XL730f Gen9 Server: All versions

HPE Synergy 480 Gen10 Compute Module: All versions

HPE ProLiant XL230k Gen10 Server: All versions

HPE ProLiant XL190r Gen10 Server: All versions

HPE ProLiant BL460c Gen10 Server Blade: All versions

HPE ProLiant XL170r Gen10 Server: All versions

HPE ProLiant DL385 Gen10 Server: All versions

HPE Synergy 660 Gen10 Compute Module: All versions

HPE ProLiant XL450 Gen10 Server: All versions

HPE ProLiant ML350 Gen10 Server: All versions

HPE ProLiant DL120 Gen10 Server: All versions

HPE ProLiant DL560 Gen10 Server: All versions

HPE ProLiant DL580 Gen10 Server: All versions

HPE ProLiant ML110 Gen10 Server: All versions

HPE ProLiant DL360 Gen10 Server: All versions

HPE ProLiant DL160 Gen10 Server: All versions

HPE ProLiant DL180 Gen10 Server: All versions

HPE ProLiant DL380 Gen10 Server: All versions

External links

http://01.org/security/advisories/intel-oss-10003


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

2) Information disclosure

EUVDB-ID: #VU9883

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5715

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can use branch target injection, execute arbitrary code, perform a side-channel attack and read sensitive information from memory.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

HPE Cloudline CL2200 G3 1211R 12 LFF Configure: All versions

HPE Cloudline CL2100 G3 806R 8SFF Configure: All versions

HPE Cloudline CL2100 G3 407S 4 LFF Configure: All versions

HPE Cloudline CL2100 G3 807S 8 SFF Configure: All versions

HPE Cloudline CL3100 G3 Server: All versions

HPE Cloudline CL5200 G3 Server: All versions

HPE Cloudline CL3150 G4 Server: All versions

HPE Cloudline CL2200 Gen10 Server: All versions

HPE Cloudline CL2100 Gen10 Server: All versions

HP ProLiant DL580 Gen8 Server: All versions

HPE Converged Architecture 700: All versions

HP ConvergedSystem 700: All versions

HPE StoreEasy 1850 Storage: All versions

HPE StoreEasy 3850 Gateway Storage: All versions

HPE StoreEasy 1650 Storage: All versions

HPE StoreEasy 1550 Storage: All versions

HPE StoreEasy 1450 Storage: All versions

HPE StoreVirtual 3000 File Controller: All versions

HP 3PAR StoreServ File Controller: All versions

HPE Superdome Flex Server: All versions

HPE ProLiant ML310e Gen8 v2 Server: All versions

HPE ProLiant MicroServer Gen8: All versions

HPE ProLiant m300 Server Cartridge: All versions

HPE ProLiant m350 Server Cartridge: All versions

HPE ProLiant ML10 v2 Server: All versions

HPE ProLiant Thin Micro TM200 Server: All versions

HPE Synergy Composer: All versions

HP ProLiant DL980 G7 Server: All versions

HP ProLiant m710 Server Cartridge: All versions

HPE ProLiant m710x Server Cartridge: All versions

HPE ProLiant m710p Server Cartridge: All versions

HPE ProLiant m510 Server Cartridge: All versions

HPE Synergy 680 Gen9 Compute Module: All versions

HP ProLiant XL220a Gen8 v2 Server: All versions

HPE ProLiant DL580 Gen9 Server: All versions

HPE Synergy 620 Gen9 Compute Module: All versions

HPE ProLiant XL260a Gen9 Server: All versions

HPE ProLiant WS460c Gen9 Workstation: All versions

HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure: All versions

HPE ProLiant DL180 Gen9 Server: All versions

HP ProLiant DL80 Gen9 Server: All versions

HPE ProLiant XL190r Gen9 Server: All versions

HPE ProLiant XL250a Gen9 Server: All versions

HPE Synergy 480 Gen9 Compute Module: All versions

HPE Synergy 660 Gen9 Compute Module: All versions

HPE ProLiant DL20 Gen9 Server: All versions

HPE ProLiant ML30 Gen9 Server: All versions

HP ProLiant BL660c Gen9 Server: All versions

HPE ProLiant DL560 Gen9 Server: All versions

HP ProLiant DL120 Gen9 Server: All versions

HPE ProLiant ML350 Gen9 Server: All versions

HP ProLiant ML150 Gen9 Server: All versions

HP ProLiant ML110 Gen9 Server: All versions

HP ProLiant BL460c Gen9 Server Blade: All versions

HPE Apollo 4200 Gen9 Server: All versions

HPE ProLiant XL450 Gen9 Server: All versions

HP ProLiant DL380 Gen9 Server: All versions

HPE ProLiant DL360 Gen9 Server: All versions

HP ProLiant DL160 Gen9 Server: All versions

HP ProLiant DL60 Gen9 Server: All versions

HPE ProLiant XL170r Gen9 Server: All versions

HPE ProLiant XL750f Gen9 Server: All versions

HPE ProLiant XL740f Gen9 Server: All versions

HPE ProLiant XL230a Gen9 Server: All versions

HPE ProLiant XL730f Gen9 Server: All versions

HPE Synergy 480 Gen10 Compute Module: All versions

HPE ProLiant XL230k Gen10 Server: All versions

HPE ProLiant XL190r Gen10 Server: All versions

HPE ProLiant BL460c Gen10 Server Blade: All versions

HPE ProLiant XL170r Gen10 Server: All versions

HPE ProLiant DL385 Gen10 Server: All versions

HPE Synergy 660 Gen10 Compute Module: All versions

HPE ProLiant XL450 Gen10 Server: All versions

HPE ProLiant ML350 Gen10 Server: All versions

HPE ProLiant DL120 Gen10 Server: All versions

HPE ProLiant DL560 Gen10 Server: All versions

HPE ProLiant DL580 Gen10 Server: All versions

HPE ProLiant ML110 Gen10 Server: All versions

HPE ProLiant DL360 Gen10 Server: All versions

HPE ProLiant DL160 Gen10 Server: All versions

HPE ProLiant DL180 Gen10 Server: All versions

HPE ProLiant DL380 Gen10 Server: All versions

External links

http://newsroom.intel.com/news/intel-responds-to-security-research-findings/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

3) Information disclosure

EUVDB-ID: #VU9884

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2017-5753

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive information from memory.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

HPE Cloudline CL2200 G3 1211R 12 LFF Configure: All versions

HPE Cloudline CL2100 G3 806R 8SFF Configure: All versions

HPE Cloudline CL2100 G3 407S 4 LFF Configure: All versions

HPE Cloudline CL2100 G3 807S 8 SFF Configure: All versions

HPE Cloudline CL3100 G3 Server: All versions

HPE Cloudline CL5200 G3 Server: All versions

HPE Cloudline CL3150 G4 Server: All versions

HPE Cloudline CL2200 Gen10 Server: All versions

HPE Cloudline CL2100 Gen10 Server: All versions

HP ProLiant DL580 Gen8 Server: All versions

HPE Converged Architecture 700: All versions

HP ConvergedSystem 700: All versions

HPE StoreEasy 1850 Storage: All versions

HPE StoreEasy 3850 Gateway Storage: All versions

HPE StoreEasy 1650 Storage: All versions

HPE StoreEasy 1550 Storage: All versions

HPE StoreEasy 1450 Storage: All versions

HPE StoreVirtual 3000 File Controller: All versions

HP 3PAR StoreServ File Controller: All versions

HPE Superdome Flex Server: All versions

HPE ProLiant ML310e Gen8 v2 Server: All versions

HPE ProLiant MicroServer Gen8: All versions

HPE ProLiant m300 Server Cartridge: All versions

HPE ProLiant m350 Server Cartridge: All versions

HPE ProLiant ML10 v2 Server: All versions

HPE ProLiant Thin Micro TM200 Server: All versions

HPE Synergy Composer: All versions

HP ProLiant DL980 G7 Server: All versions

HP ProLiant m710 Server Cartridge: All versions

HPE ProLiant m710x Server Cartridge: All versions

HPE ProLiant m710p Server Cartridge: All versions

HPE ProLiant m510 Server Cartridge: All versions

HPE Synergy 680 Gen9 Compute Module: All versions

HP ProLiant XL220a Gen8 v2 Server: All versions

HPE ProLiant DL580 Gen9 Server: All versions

HPE Synergy 620 Gen9 Compute Module: All versions

HPE ProLiant XL260a Gen9 Server: All versions

HPE ProLiant WS460c Gen9 Workstation: All versions

HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure: All versions

HPE ProLiant DL180 Gen9 Server: All versions

HP ProLiant DL80 Gen9 Server: All versions

HPE ProLiant XL190r Gen9 Server: All versions

HPE ProLiant XL250a Gen9 Server: All versions

HPE Synergy 480 Gen9 Compute Module: All versions

HPE Synergy 660 Gen9 Compute Module: All versions

HPE ProLiant DL20 Gen9 Server: All versions

HPE ProLiant ML30 Gen9 Server: All versions

HP ProLiant BL660c Gen9 Server: All versions

HPE ProLiant DL560 Gen9 Server: All versions

HP ProLiant DL120 Gen9 Server: All versions

HPE ProLiant ML350 Gen9 Server: All versions

HP ProLiant ML150 Gen9 Server: All versions

HP ProLiant ML110 Gen9 Server: All versions

HP ProLiant BL460c Gen9 Server Blade: All versions

HPE Apollo 4200 Gen9 Server: All versions

HPE ProLiant XL450 Gen9 Server: All versions

HP ProLiant DL380 Gen9 Server: All versions

HPE ProLiant DL360 Gen9 Server: All versions

HP ProLiant DL160 Gen9 Server: All versions

HP ProLiant DL60 Gen9 Server: All versions

HPE ProLiant XL170r Gen9 Server: All versions

HPE ProLiant XL750f Gen9 Server: All versions

HPE ProLiant XL740f Gen9 Server: All versions

HPE ProLiant XL230a Gen9 Server: All versions

HPE ProLiant XL730f Gen9 Server: All versions

HPE Synergy 480 Gen10 Compute Module: All versions

HPE ProLiant XL230k Gen10 Server: All versions

HPE ProLiant XL190r Gen10 Server: All versions

HPE ProLiant BL460c Gen10 Server Blade: All versions

HPE ProLiant XL170r Gen10 Server: All versions

HPE ProLiant DL385 Gen10 Server: All versions

HPE Synergy 660 Gen10 Compute Module: All versions

HPE ProLiant XL450 Gen10 Server: All versions

HPE ProLiant ML350 Gen10 Server: All versions

HPE ProLiant DL120 Gen10 Server: All versions

HPE ProLiant DL560 Gen10 Server: All versions

HPE ProLiant DL580 Gen10 Server: All versions

HPE ProLiant ML110 Gen10 Server: All versions

HPE ProLiant DL360 Gen10 Server: All versions

HPE ProLiant DL160 Gen10 Server: All versions

HPE ProLiant DL180 Gen10 Server: All versions

HPE ProLiant DL380 Gen10 Server: All versions

External links

http://01.org/security/advisories/intel-oss-10002


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


