CVE-2021-29203
CRITICAL EXPLOITED NUCLEIHPE Edgeline Infrastructure Manager < 1.22 - Unauthenticated Remote Command Execution
Title source: llmExploitation Summary
CVE-2021-29203 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. HPE has released a software update to resolve the vulnerability in the HPE Edgeline Infrastructure Manager.
Nuclei Templates (1)
HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass
CRITICALby madrobot
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2021-15
Vendor Advisory x_refsource_misc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04124en_us
Scores
CVSS v3
9.8
EPSS
0.6829
EPSS Percentile
99.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-12-24
CWE
CWE-306
Status
published
Products (1)
hp/edgeline_infrastructure_manager
< 1.22
Published
May 06, 2021
Tracked Since
Feb 18, 2026