Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

HP security bulletin

Number: AV17-118
Date: 04 August 2017

Purpose

The purpose of this advisory is to bring attention to HP security bulletin.

Assessment

HP has released a security update to address a potential security problem that has been identified in HPE Proliant ML10 Gen9 server using Intel Xeon E3-1200M v5 and 6th Generation Intel Core Processors. The vulnerability could allow a remote unauthorized attacker to write to file systems.

Affected software versions:

  • HPE ProLiant ML10 Gen9 E3-1225 v5 4GB-R 1TB Non-hot Plug 4LFF SATA 300W Svr/S-Buy SP
  • HPE ProLiant ML10 Gen9 E3-1225 v5 8GB-R 1TB Non-hot Plug 4LFF SATA 300W Perf Svr SP
  • HPE ProLiant ML10 Gen9 E3-1225 v5 8GB-R 2TB Non-hot Plug 4LFF SATA 300W Svr/GO SP
  • HPE ProLiant ML10 Gen9 E3-1225 v5 8GB-R 2TB Non-hot Plug 4LFF SATA 300W Svr/TV SP
  • HPE ProLiant ML10 Gen9 G4400 4GB-R Non-hot Plug 4LFF SATA 300W Entry Svr SP
  • HPE ProLiant ML10 Gen9 E3-1225 v5 3.3GHz 4-core 8GB-R 1TB Non-hot Plug 4LFF SATA 300W AP Svr/Promo SP

CVE Reference: CVE-2017-5691

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p03767en_us

Date modified: