CVE-2020-7205
Published: Jul 30, 2020
Modified: Aug 4, 2024
Description
A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product, and HPE is addressing this issue.

HPE has made the following software updates and mitigation information available to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE has provided the latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit, which include the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot the older IP, SPP or Scripting ToolKit with Secure Boot enabled.

HPE has provided a standalone DBX update tool that works with Microsoft Windows and supported Linux operating systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the "Boot Hole" issue for HPE signed GRUB2 applications.

| Vendor | Product | Versions |
|---|---|---|
| n/a | HP Intelligent Provisioning | affected Gen8 - Prior to 1.72; affected Gen9 - Prior to 2.81; affected Gen10 and Gen10 Plus v3.30 or earlier; affected v3.31; affected v3.40. |
| n/a | HPE ProLiant BL460c Gen9 Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant BL660c Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL180 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL60 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL80 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML110 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML150 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL740f Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL750f Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Apollo 4200 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL20 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL560 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML30 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML350 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL170r Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL190r Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL230a Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL250a Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL260a Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL450 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL730f Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | ProLiant SE2160w Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant m510 Server Cartridge | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant m710x Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant BL460c Gen10 Server Blade | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL360 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL380 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL560 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL580 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML110 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant MicroServer Gen10 | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 480 Gen10 Compute Module | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 660 Gen10 Compute Module | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL180 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL160 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL120 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL270d Gen9 Special Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL385 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 660 Gen9 Compute Module | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 480 Gen9 Compute Module | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant WS460c Gen9 Graphics Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HP ProLiant DL580 Gen8 Server | affected IP - Gen8 - Prior to 1.72; affected SPP - Prior to Gen8.1. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 620 Gen9 Compute Module | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML350 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL580 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL360 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL170r Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL2100 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL2200 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL3100 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL3150 Gen10 Server (AMD) | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML10 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL120 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL380 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Service Pack for ProLiant | affected Prior to Version 2020.03.0 |
| n/a | HPE ProLiant DL160 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL270d Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL5800 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL5200 Gen9 Server | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL4100 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL3100 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Apollo 4200 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL325 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant ML30 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL20 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE StoreEasy 1000 Storage Gen9 | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE StoreEasy 1000 Storage Gen10 | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE SimpliVity 380 Gen10 | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE SimpliVity 2600 Gen10 | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL2600 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL2800 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant e910 Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant m750 Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant m710x-L Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Cloudline CL5800 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant MicroServer Gen10 Plus | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL450 Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL230k Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL190r Gen10 Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE SmartStart Scripting Toolkit Software | affected Prior to Version 11.40 |
| n/a | HPE Apollo 2000 Gen10 Plus System | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL385 Gen10 Plus server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DL325 Gen10 Plus server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant DX385 Gen10 Plus server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL220n Gen10 Plus Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL290n Gen10 Plus Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE Synergy 480 Gen10 Plus Compute Module | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant XL925g Gen10 Plus 1U 4-node Configure-to-order Server | affected IP - Gen10 and Gen10 Plus Servers - v3.30 or earlier; affected v3.31; affected v3.40; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |
| n/a | HPE ProLiant e910t Server Blade | affected IP - Gen9 - Prior to 2.81; affected SPP - Prior to 2020.03. Scripting ToolKit - Prior to 11.40 |