Privilege Escalation Vulnerability in HPE MC990 X and UV300 RMC
CVE-2023-30905

7.8HIGH

Key Information:

Vendor: HP
Status: HP Mc990 X Rmc Firmware
Vendor: CVE Published:; 16 June 2023

Summary

The MC990 X and UV300 RMC components have been identified with an inadequate default configuration, which may allow attackers to exploit this weakness to gain elevated privileges. Such vulnerabilities can lead to unauthorized access to sensitive information and manipulation of system settings, posing significant security risks for affected environments.

Affected Version(s)

HPE MC990 X RMC firmware 0 < 1.2.7

References

https://support.hpe.com/hpesc/public/docDisplay?docLocale...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 16, 2023
Vulnerability Reserved
Apr 20, 2023