CVE-2021-26570

HIGH

HPE Baseboard Management Controller < 3.0.14.0 - Buffer Overflow in libifc.so webifc_setadconfig

Title source: llm
STIX 2.1

Description

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-340/

Scores

CVSS v3 7.8
EPSS 0.0050
EPSS Percentile 39.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (1)
hpe/baseboard_management_controller < 3.0.14.0
Published Feb 08, 2021
Tracked Since Feb 18, 2026