HPE Cray and ProLiant servers update for AMD microcode

1) Information disclosure

EUVDB-ID: #VU79263

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-20569

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to a side channel issue in AMD CPUs. A remote user can influence the return address prediction and gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cray EX4252: before 1.5.0

Cray EX235n: before 1.3.1

Cray EX235a: before 1.8.0

HPE ProLiant XL675d Gen10 Plus Server: before 2.80

HPE ProLiant XL645d Gen10 Plus Server: before 2.80

HPE ProLiant DL385 Gen10 Plus server: before 2.80

HPE ProLiant DL325 Gen10 Plus server: before 2.80

Cray EX425: before 1.7.2

CPE2.3

• cpe:2.3:a:hpe:cray_ex4252_compute_blade:*:*:*:*:*:*:*:*
• cpe:2.3:a:hpe:cray_ex235n_server:*:*:*:*:*:*:*:*
• cpe:2.3:a:hpe:cray_ex235a_accelerator_blade:*:*:*:*:*:*:*:*
• cpe:2.3:h:hpe:hpe_proliant_xl675d_gen10_plus_server:*:*:*:*:*:*:*:*
• cpe:2.3:h:hpe:hpe_proliant_xl645d_gen10_plus_server:*:*:*:*:*:*:*:*
• cpe:2.3:h:hpe:hpe_proliant_dl385_gen10_plus_server:*:*:*:*:*:*:*:*
• cpe:2.3:h:hpe:hpe_proliant_dl325_gen10_plus_server:*:*:*:*:*:*:*:*
• cpe:2.3:h:hpe:cray_ex425_server:*:*:*:*:*:*:*:*

External links

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbcr04545en_us

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.