CVE-2021-29214
HIGHHPE StoreServ Management Console <3.8.1 - Privilege Escalation
Title source: llmDescription
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are not impacted by this vulnerability. This vulnerability impacts SSMC versions 3.4 GA to 3.8.1.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04207en_us
Scores
CVSS v3
7.2
EPSS
0.0037
EPSS Percentile
59.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
hp/storeserv_management_console
3.4 - 3.8.1
Published
Dec 10, 2021
Tracked Since
Feb 18, 2026