Hewlett Packard Enterprise Product Security Vulnerability Alerts
Side Channel Analysis Method allows information disclosure in Microprocessors (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
Version 32.0 : Last Updated: October 8, 2018
This website is updated frequently, as new product information becomes available.
Recently, Side-Channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE. Intel provided an initial high level statement here.
In addition, we are alerting our customers to an Intel statement published on January 22, 2018 regarding issues associated with the Intel microcode patch designed to address the Side-Channel Analysis vulnerability. Intel recommends that customers stop deployment of the HPE ProLiant, HPE Synergy, HPE Superdome Flex and HPE Superdome X System ROMs that include the updated microcode and revert back to the previous version of System ROM. The impact assessment linked below has been updated accordingly. Please reference the HPE Customer Guidance Pack and HPE Customer Advisory for additional details about this issue. Please note that the HPE ProLiant DL385 Gen10 with the AMD microcode update is working as designed and has mitigated the risk associated with the Side Channel Analysis vulnerability.
Note: Intel has informed HPE that Itanium is not impacted by these vulnerabilities.
- Resources
- HPE Vulnerability Homepage
- HPE Security Bulletin
- Intel Advisory
- AMD Advisory
- ARM Advisory
- Intel – Facts About Side Channel Analysis
- NVD CVE-2017-5715
- NVD CVE-2017-5754
- NVD CVE-2017-5753
|
Usage Instructions and Definitions for CVE Vulnerability Information |
|
|
Data |
Definition |
|
Product Category |
High-level product description. |
|
Product Sub-Category |
Medium-level product description. |
|
Product Name |
Detailed product description. |
|
|
|
|
(Impacted) |
Indicates whether the specific product is affected by the cited vulnerability. |
|
|
|
|
If Impacted - Mitigation or |
Information regarding how to address a vulnerability. |
|
Under Investigation |
|
|
Link(s) to security bulletin (Vendor) |
Link to Vendor's Security Bulletin. |
Use the following table to find vulnerability information.
|
Product
Sub-Category |
Product
Name |
Impacted |
ROM Family |
Resolved in ROM Version |
Mitigation
and Notes |
Customer
Bulletin |
Security
Bulletin |
|
|
Cloudline |
Cloudline
|
Cloudline
CL2100 Gen10 |
Yes |
O52 |
|
|||
|
Cloudline |
Cloudline
|
Cloudline
CL2200 Gen10 |
Yes |
O53 |
|
|||
|
Cloudline |
Cloudline
|
Cloudline
CL3150 Gen10 |
Yes |
O51 |
|
|||
|
Cloudline |
Cloudline
|
Cloudline
CL5200 G3 |
Yes |
|
|
|||
|
Cloudline |
Cloudline
|
Cloudline
CL6800 G3 |
TBD |
|
TBD |
Under
Investigation |
|
|
|
Cloudline |
Cloudline |
Cloudline
CL3100 G3 |
Yes |
|
|
|||
|
Cloudline |
Cloudline |
Cloudline
CL7100 G3 |
TBD |
|
TBD |
Under
Investigation |
|
|
|
Cloudline |
Cloudline |
Cloudline
CL2100 G3 407S/807S (Haswell) |
Yes |
|
BIOS
ROM Flash Utility - HPE Cloudline CL2100 G3 407S/807S Servers (Haswell) |
|
||
|
Cloudline |
Cloudline |
Cloudline
CL2100 G3 407S/807S (Broadwell) |
Yes |
|
BIOS
ROM Flash Utility - HPE Cloudline CL2100 G3 407S/807S Servers (Broadwell) |
|
||
|
Cloudline |
Cloudline |
Cloudline
CL2100 G3 806R (Broadwell) |
Yes |
|
BIOS
ROM Flash Utility - HPE Cloudline CL2100 G3 806R Servers (Broadwell) |
|
||
|
Cloudline |
Cloudline |
Cloudline
CL2200 G3 1211R (Haswell) |
Yes |
|
BIOS
ROM Flash Utility - HPE Cloudline CL2200 G3 1211R Server (Haswell) |
|
||
|
Cloudline |
Cloudline |
Cloudline
CL2200 G3 1211R (Broadwell) |
Yes |
|
BIOS
ROM Flash Utility - HPE Cloudline CL2200 G3 1211R Server (Broadwell) |
|
||
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 700 & HPE ConvergedArchitecture 700 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Converged
Systems |
Converged
Systems |
HPE
ProLiant for Microsoft Azure Stack |
Yes |
|
|
Under
investigation - further information forthcoming |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 500 for SAP HANA Scale-up / Scale-out configurations (Intel
Ivy Bridge architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 900 for SAP HANA Scale-up / Scale-out configurations (Intel Ivy
Bridge architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 500 for SAP HANA Scale-up / Scale-out configurations (Intel
Haswell architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 900 for SAP HANA Scale-up configurations (Intel Haswell
architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
ConvergedSystem 500 for SAP HANA Scale-up configurations (Intel Skylake
architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
AppSystem for SAP HANA Scale-up / Scale-out configurations (IntelWestmere
architecture) |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Converged
Systems |
Converged
Systems |
HPE
TDI configurations (all architectures) |
Yes |
|
|
See
mitigation for associated component BIOS and Operating Systems |
|
|
|
HPE
Helion |
HPE
Helion |
HPE
Helion OpenStack |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Hyper
Converged |
Hyper
Converged |
HPE
Hyper Converged 250 for VMware vSphere |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Hyper
Converged |
Hyper
Converged |
HPE
Hyper Converged 250 for Microsoft Cloud Platform System Standard |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Hyper
Converged |
Hyper
Converged |
Hyper
Converged 380 |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Integrity |
Integrity |
HPE
Superdome Flex Server |
Yes |
|
Reference
Customer Bulletin |
|||
|
Integrity |
Integrity |
HPE
Integrity Superdome X with BL920s Gen9 Server Blade |
Yes |
|
Reference
Customer Bulletin |
Customer Bulletin a00039773 |
||
|
Integrity |
Integrity |
HPE
Integrity Superdome X with BL920s Gen8 Server Blade |
Yes |
|
Reference
Customer Bulletin |
|||
|
Integrity |
Integrity |
HPE
Integrity MC990 X Server, SGI UV 300, 300H, 300RL, 30EX |
Yes |
|
Reference
Customer Bulletin |
|||
|
Integrity |
Integrity |
HPE
Integrity BL860c,BL870c, BL890c i2 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity BL860c, BL870c, BL890c i6 & i4 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity rx2800 i6 & i4 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity rx2800 i2 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity BL860c |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity BL870c |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity rx6600, rx3600 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity rx2660 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
9000 Superdome sx1000/sx2000 |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity Superdome 2 CB900s i6, i4 & i2 Server |
No |
|
|
Not
Vulnerable |
|
|
|
Integrity |
Integrity |
HPE
Integrity cx2600, cx2620 |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
DCN
Networking |
Altoline
(Accton) 6920 |
Yes |
|
V36 build 20180212 |
Vulnerability
is fixed via BIOS update |
||
|
Networking |
DCN
Networking |
Altoline
(Accton) 6921 |
Yes |
|
V36 build 20180212 |
Vulnerability
is fixed via BIOS update |
||
|
Networking |
DCN
Networking |
Altoline
(Accton) 6940 |
Yes |
|
V36 build 20180212 |
Vulnerability
is fixed via BIOS update |
||
|
Networking |
DCN
Networking |
Altoline
(Accton) 6941 |
Yes |
|
V36 build 20180212 |
Vulnerability
is fixed via BIOS update |
||
|
Networking |
DCN
Networking |
Altoline
(Accton) 6960 |
Yes |
|
V36 build 20180212 |
Vulnerability
is fixed via BIOS update |
||
|
Networking |
DCN
Networking |
Pica
8 OS |
No |
|
|
Reference
Vendor's Security Advisory (Username & Password Required) |
|
|
|
Networking |
DCN
Networking |
Big
Switch OS |
Yes |
|
|
Vulnerable-
further information forthcoming from vendor. |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN 5130EI |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN 5130HI |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN 5510HI |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN MSR1000 |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN MSR2000 |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN HSR6800 |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
H3C
- Campus Switch/Router/WLAN HSR6600 |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
MSR OAP MIM Mod w/VMware vSphere |
Yes |
|
|
Recommended
to upgrade to the OS version with correct patches |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5950 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5940 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5980 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 12500 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5800 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5820 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5830 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5900 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5920 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 12900E Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 5930 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexFabric 7900 Switch Series |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
H3C |
HPE
FlexNetwork MSR Medium Survivable Branch Communication MIM Module powered by
Microsoft Lync - JG588A |
No |
|
|
Not
Vulnerable |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 8400 |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 8320 |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 2615/2915 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 2920 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an unauthorized
user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 2930F |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HPE
ProVision - 3500/6200 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HPE
ProVision - 8200 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HPE
ProVision - 6600-48 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 5400R |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 5406 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2510G-24,2510G-48 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2810G |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2510-24 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2910 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2520G-24-PoE & 8-PoE |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2520-24-PoE & 8-PoE |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 6120XG, 6120G/XG |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2610 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 2510-48 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 6200-24G |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 6600 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 8200 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Switch - 5400 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
HP
Switch - 4200 |
Yes |
|
|
Not
Vulnerable – Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Wireless R Series Routers |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Wireless Client Bridge - 501 |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Office Connect Switches/Wireless |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE Unified Controllers/AP's |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE MSM Wireless Controllers/AP's |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
ClearPass |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Airwave |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Mobility Master |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Virtual Mobility Controller |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
IntroSpect Packet Processor |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Central |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Activate |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
Meridian |
No |
|
|
Reference
Aruba's Product Security Advisory |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE 3810M |
Yes |
|
|
Not
Vulnerable - Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Networking |
HPE
Aruba Network |
Aruba
HPE 2530 |
Yes |
|
|
Not
Vulnerable - Product does not allow execution of arbitrary code by an
unauthorized user |
|
|
|
Nimble |
Nimble |
Nimble
Storage |
Yes |
|
|
Not
Vulnerable - Product doesn't allow arbitrary code execution. |
|
|
|
NonStop |
NonStop |
HPE
Integrity NonStop i CPUs (Itanium) |
No |
|
|
Not
Vulnerable |
|
|
|
NonStop |
NonStop |
HPE
Integrity NonStop X CPUs (x86) |
Yes |
|
|
Vulnerable
- Reference Hotstuff HS03387 |
||
|
NonStop |
NonStop |
HPE
NonStop System Consoles |
Yes |
|
|
Vulnerable
-Reference Hotstuff HS03369D |
||
|
NonStop |
NonStop |
HPE
NonStop Cluster I/O Modules (CLIMs) |
Yes |
|
|
Vulnerable
-Reference Hotstuff HS03372D |
||
|
NonStop |
NonStop |
HPE
NonStop Virtual Tape Products |
Yes |
|
|
Vulnerable
- Reference Hotstuffs HS03371D and HS03374B |
||
|
Servers |
Apollo |
Apollo
10 series PC40 Gen10 |
Yes |
|
|
Under
Investigation |
|
|
|
Servers |
Apollo |
Apollo
10 series SX40 Gen10 |
Yes |
|
|
Under
Investigation |
|
|
|
Servers |
Apollo
|
ProLiant
XL220a Gen8 v2 |
Yes |
P94 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
2000 |
ProLiant
XL170r Gen10 |
Yes |
U38 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
2000 |
ProLiant
XL190r Gen10 |
Yes |
U38 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
2000 |
ProLiant
XL170r Gen9 |
Yes |
U14 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
2000 |
ProLiant
XL190r Gen9 |
Yes |
U14 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
4200 |
Apollo
4200 Gen9 |
Yes |
U19 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
4500 |
ProLiant
XL450 Gen10 |
Yes |
U40 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
4500 |
ProLiant
XL450 Gen9 |
Yes |
U21 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
6000 |
ProLiant
XL260a Gen9 |
Yes |
U24 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
6000 |
ProLiant
XL230k Gen10 |
Yes |
U37 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
6000 |
ProLiant
XL230a Gen9 |
Yes |
U13 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
6000 |
ProLiant
XL250a Gen9 |
Yes |
U13 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
6500 |
ProLiant
XL270d Accelerator Tray Gen9 |
Yes |
U25 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
8000 |
ProLiant
XL730f Gen9 |
Yes |
U18 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
8000 |
ProLiant
XL740f Gen9 |
Yes |
U18 |
Reference
Customer Bulletin |
|||
|
Servers |
Apollo
8000 |
ProLiant
XL750f Gen9 |
Yes |
U18 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m300 Server Cartridge |
Yes |
H02 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m710 Server Cartridge |
Yes |
H03 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m350 Server Cartridge |
Yes |
H04 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m510 Server Cartridge |
Yes |
H05 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m710p Server Cartridge |
Yes |
H06 |
Reference
Customer Bulletin |
|||
|
Servers |
Moonshot |
Moonshot
m710x Server Cartridge |
Yes |
H07 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL420c Gen8 |
Yes |
I30 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL460c Gen8 |
Yes |
I31 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL660c Gen8 |
Yes |
I32 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML350e Gen8 |
Yes |
J02 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML350e Gen8 v2 |
Yes |
J02 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL160 Gen8 |
Yes |
J03 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML310e Gen8 |
Yes |
J04 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL320e Gen8 |
Yes |
J05 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML10 v2 |
Yes |
J10 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380p Gen8 |
Yes |
P70 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL360p Gen8 Server |
Yes |
P71 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML350p Gen8 |
Yes |
P72 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL360e Gen8 |
Yes |
P73 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380e Gen8 |
Yes |
P73 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL560 Gen8 |
Yes |
P77 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML310e Gen8 v2 |
Yes |
P78 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL320e Gen8 v2 |
Yes |
P80 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML10 |
Yes |
P88 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL580 Gen9 |
Yes |
U17 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
Thin Micro TM200 |
Yes |
U26 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL980 G7 |
Yes |
P66 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL460c Gen10 |
Yes |
I41 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380 Gen10 |
Yes |
U30 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL180 Gen10 |
Yes |
U31 |
v1.32 (02/01/2018) |
Reference
Customer Bulletin |
||
|
Servers |
ProLiant |
ProLiant
DL360 Gen10 |
Yes |
U32 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML110 Gen10 |
Yes |
U33 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL560 Gen10 |
Yes |
U34 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL580 Gen10 |
Yes |
U34 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL120 Gen10 |
Yes |
U36 |
v1.32 (02/01/2018) |
Reference
Customer Bulletin |
||
|
Servers |
ProLiant |
ProLiant
ML350 Gen10 |
Yes |
U41 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL580 Gen8 |
Yes |
P79 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL20 Gen9 |
Yes |
U22 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML30 Gen9 |
Yes |
U23 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL460c Gen9 |
Yes |
I36 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
WS460c Gen9 |
Yes |
I36 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL660c Gen9 |
Yes |
I38 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL560 Gen9 |
Yes |
P85 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL120 Gen9 |
Yes |
P86 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380 Gen9 |
Yes |
P89 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL360 Gen9 |
Yes |
P89 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML350 Gen9 |
Yes |
P92 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML150 Gen9 |
Yes |
P95 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML110 Gen9 |
Yes |
P99 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL60 Gen9 |
Yes |
U15 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL80 Gen9 |
Yes |
U15 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL160 Gen9 |
Yes |
U20 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL180 Gen9 |
Yes |
U20 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
Microserver Gen8 |
Yes |
J06 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL4540 Gen8 |
Yes |
P74 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL230s Gen8 |
Yes |
P75 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL250s Gen8 |
Yes |
P75 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL270s Gen8 |
Yes |
P75 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL210t Gen8 |
Yes |
P83 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL160 Gen10 |
Yes |
U31 |
v1.32 (02/01/2018) |
Reference
Customer Bulletin |
||
|
Servers |
Synergy |
Synergy
620 Gen9 Compute Module |
Yes |
I40 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
680 Gen9 Compute Module |
Yes |
I40 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
480 Gen10 Compute Module |
Yes |
I42 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
660 Gen10 Compute Module |
Yes |
I43 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
480 Gen9 Compute Module |
Yes |
I37 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
660 Gen9 Compute Module |
Yes |
I39 |
Reference
Customer Bulletin |
|||
|
Servers |
Synergy |
Synergy
Composer (HPE OneView) |
No |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Servers |
IoT
Gateway |
HPE
GL10 IoT Gateway |
Yes |
|
|
Under
Investigation |
|
|
|
Servers |
IoT
Gateway |
HPE
GL20 IoT Gateway |
Yes |
|
|
Under
Investigation |
|
|
|
Servers |
HPE
OneView |
HPE
OneView |
No |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. Appropriate
hypervisor vendor patches must be applied. |
|
|
|
Servers |
HPE OneView |
HPE
OneView Global Dashboard |
No |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. Appropriate
hypervisor vendor patches must be applied. |
|
|
|
Servers |
Synergy |
Image
Streamer |
Yes |
|
|
Under
Investigation |
|
|
|
Servers |
Platform
Software |
HPE
Systems Insight Manager (SIM) |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Platform
Software |
HPE
System Management Homepage (SMH) |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Platform
Software |
MOE |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Platform
Software |
IS
Installer |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Platform
Software |
WMI
Mapper |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
ProLiant |
ProLiant
DL385 Gen10 (AMD System) |
Yes |
A40 |
Reference
Customer Bulletin |
|||
|
Servers |
Interconnects |
HPE
6125XLG Ethernet Blade Switch |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Interconnects |
HPE
6127XLG Blade Switch |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Apollo |
HPE
Apollo Ethernet Switch |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
Moonshot |
HPE
Moonshot Networking Modules |
No |
|
|
Not
Vulnerable |
|
|
|
Servers |
NIC |
HP
BLc 10/100/1000MbE Pass-Thru |
No |
|
|
|
|
|
|
Servers |
NIC |
HPE
1Gb Ethernet Pass-Thru Module for BladeSystem c-Class |
No |
|
|
|
|
|
|
Servers |
NIC |
HPE
10-GbE Pass-Thru Module |
No |
|
|
|
|
|
|
Servers |
NIC |
4Gb
Fibre Channel Pass-Thru Module for BladeSystem c-Class |
No |
|
|
|
|
|
|
Servers |
Interconnects |
Virtual
Connect Interconnect Modules |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC Flex-10 10Gb Enet Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC FlexFabric 10Gb/24-Port Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC FlexFabric 20/40 F8 Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC 8Gb 20-Port FC Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC 8Gb 24-Port FC Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC 16Gb 24-Port FC Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
servers |
Interconnects |
HPE
VC Flex-10/10D Module |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
Servers |
Moonshot |
Moonshot
m700 Server Cartridge (AMD System) |
Yes |
A34 |
TBD |
Reference
Customer Bulletin |
||
|
Servers |
Moonshot |
Moonshot
m700p Server Cartridge (AMD System) |
Yes |
A35 |
TBD |
Reference
Customer Bulletin |
||
|
Servers |
ProLiant |
ProLiant
BL465c Gen8 (AMD System) |
Yes |
A26 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL385p Gen8 (AMD System) |
Yes |
A28 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL385 G7 (AMD System) |
Yes |
A18 |
|
|
||
|
Servers |
ProLiant |
ProLiant
BL620c G7 |
Yes |
I25 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL680c G7 |
Yes |
I25 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL580 G7 |
Yes |
P65 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL980 G7 |
Yes |
P66 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL460c G7 |
Yes |
I27 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL490c G7 |
Yes |
I28 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL2x220c G7 |
Yes |
I29 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380 G7 |
Yes |
P67 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL360 G7 |
Yes |
P68 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
SL390s G7 |
Yes |
P69 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380 G7 SE |
Yes |
V67 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML110 G7 |
Yes |
J01 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL120 G7 |
Yes |
J01 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML350 G6 |
Yes |
D22 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL490c G6 |
Yes |
I21 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL280c G6 |
Yes |
I22 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL460c G6 |
Yes |
I24 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
BL2x220c G6 |
Yes |
I26 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL380 G6 |
Yes |
P62 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML370 G6 |
Yes |
P63 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL370 G6 |
Yes |
P63 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL360 G6 |
Yes |
P64 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
ML330 G6 |
Yes |
W07 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL320 G6 |
Yes |
W07 |
Reference
Customer Bulletin |
|||
|
Servers |
ProLiant |
ProLiant
DL585 G7 (AMD System) |
Yes |
A16 |
Reference
Customer Bulletin |
|
||
|
Servers |
ProLiant |
ProLiant
BL685c G7 (AMD System) |
Yes |
A20 |
Reference
Customer Bulletin |
|
||
|
Servers |
ProLiant |
ProLiant
SL4545 G7 (AMD System) |
Yes |
A31 |
Reference
Customer Bulletin |
|
||
|
Servers |
Interconnects |
Virtual
Connect SE Interconnect Modules for Synergy |
No |
|
|
Not
Vulnerable - products don't use vulnerable CPUs and don't allow arbitrary
code execution |
|
|
|
Servers |
Synergy |
HPE
Synergy 40Gb F8 Switch Module |
No |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Servers |
Synergy |
HPE
Virtual Connect SE 40GB F8 Module for HPE Synergy |
No |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Servers |
ProLiant |
ProLiant
DL160 G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
SL160z G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
SL160s G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
DL180 G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
ML150 G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
DL120 G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
ML110 G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
SL170s G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
DL170h G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
DL170e G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
SL170z G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
ProLiant |
ProLiant
SL2x170z G6 |
Yes |
|
|
HPE
will not provide patched microcode: HPE recommends customers mitigate the
vulnerability by applying OS patches |
|
|
|
Servers |
Platform
Software |
Insight
Control Server Provisioning (ICsp) |
No |
|
|
|
|
|
|
Servers |
Platform
Software |
Insight
Control |
No |
|
|
|
|
|
|
SGI |
SGI |
SGI
UV 30 |
Yes |
|
|
Under
investigation - further information forthcoming |
|
|
|
SGI |
SGI |
SGI
UV 3000 |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
SGI |
SGI |
SGI
UV 2000 |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
SGI |
SGI |
SGI
UV 20 |
Yes |
|
|
Under
investigation - further information forthcoming |
|
|
|
SGI |
SGI |
SGI
UV 10 |
Yes |
|
|
Under
investigation - further information forthcoming |
|
|
|
SGI |
SGI |
SGI
UV 100 |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
SGI |
SGI |
SGI
UV 1000 |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
SGI |
SGI |
SGI
Rackable |
Yes |
|
|
Under
investigation |
|
|
|
SGI |
SGI |
SGI
ICE |
Yes |
|
|
Under
investigation |
|
|
|
SGI |
SGI |
SGI
MIS |
Yes |
|
|
Under
investigation |
|
|
|
Simplivity |
Simplivity |
HPE
SimpliVity 380 Gen9 Nodes |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Simplivity |
Simplivity |
HPE
SimpliVity 380 Gen10 Nodes |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Simplivity |
Simplivity |
SimpliVity
OmniCube |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Simplivity |
Simplivity |
SimpliVity
OmniStack for Cisco |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Simplivity |
Simplivity |
SimpliVity
OmniStack for DELL |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Simplivity |
Simplivity |
SimpliVity
OmniStack for Lenovo |
Yes |
|
3.7.4 |
https://www.hpe.com/global/swpublishing/MTX-8c290873f03449359a9a0750d9 |
|
|
|
Storage |
3PAR |
3PAR
StoreServ 7xxx |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ 8xxx |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ 9xxx |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ 10xxx |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ 20xxx |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor DL120 G8 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor DL320e G8 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor DL120 G9 v3 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor DL120 G9 v4 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor DL360e G8 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ File Controller v3 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
3PAR |
StoreVirtual
3000 File Controller |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
XP |
XP7
Gen1 and Gen2 SVP & MP |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreEasy |
StoreEasy
1450 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
StoreEasy |
StoreEasy
1550 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
StoreEasy |
StoreEasy
1650 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
StoreEasy |
StoreEasy
1650E |
Yes |
|
|
Reference
Customer Bulletin |
|
|
|
Storage |
StoreEasy |
StoreEasy
1850 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
StoreEasy |
StoreEasy
3850 |
Yes |
|
|
Reference
Customer Bulletin |
||
|
Storage |
StoreOnce |
StoreOnce
3100 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
3520 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
3540 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
5100 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
5500 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
6600 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
2700 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
2900 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4500 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4700 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4900 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
6500 capacity upgrades only |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D2502i |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D2504i |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D4106i |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D4106fc |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D4112 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D4312 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
D2D4324 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
2620 iSCSI |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4210 iSCSI |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4220 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4420 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
4430 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreOnce |
StoreOnce
B6200 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
1040 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
2040 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
2042 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
1050 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
2050 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA
2052 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
MSA |
MSA P2000 G3 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
3200 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4130 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4330 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4330 FC |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4335 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4530 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4730 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4730 FC |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
StoreVirtual |
StoreVirtual
4630 |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
Storage |
XP
P9500 SVP & MP |
Yes |
|
|
Not
Vulnerable - Product doesn't allow arbitrary code execution. Note : SVP is
not impacted. |
|
|
|
Storage |
Storage |
XP24000/20000
SVP & MP |
No |
|
|
Not
Vulnerable |
|
|
|
Storage |
Storage |
HPE
P4300 G2 Storage System |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
Storage |
HPE
P4500 G2 Storage System |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
Storage |
HPE
P4800 G2 SAS SAN BladeSystem |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
Storage |
HPE
P4900 G2 SSD Storage System |
Yes |
|
|
Not
Vulnerable – Product doesn’t allow arbitrary code execution. |
|
|
|
Storage |
Storage |
StoreFabric
B-Series FC Switches |
Yes |
|
|
Not
Vulnerable - Product doesn't allow arbitrary code execution. |
|
|
|
Storage |
EVA |
HP
EVA Storage |
No |
|
|
Not
Vulnerable |
|
|
|
Storage |
Storage |
StoreFabric
C-Series FC Switches |
Yes |
|
|
Not
Vulnerable - Product doesn't allow arbitrary code execution. |
|
|
|
Storage |
3PAR |
3PAR
StoreServ Service Processor Supermicro II |
No |
|
|
Not
Vulnerable |
|
|
|
Storage |
Storage |
StoreFabric
M-Series Ethernet Switch Family |
Yes |
|
|
Not
Vulnerable - Product doesn't allow arbitrary code execution. |
|
|