Hewlett Packard Enterprise Product Security Vulnerability Alerts

Intel AMT Escalation of Privilege Vulnerability (CVE-2017-5689)

Version 2.0 :  Last Updated: May 10th, 2017

This website is updated frequently, as new product information becomes available.

On May 1st, 2017, Intel disclosed a new vulnerability with their Intel Manageability Firmware which is utilized on some systems containing Intel processors. This vulnerability allows an unprivileged network or local attacker to gain control of the remote manageability features of Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) platforms. This vulnerability affects Intel’s AMT firmware and the products identified as “not impacted” do not use AMT firmware.

Additional information about this vulnerability is available at the NIST website (CVE-2017-5689).

Usage Instructions and Definitions for CVE Vulnerability Information

Data

Definition

Product Family

High-level product description.

Product Name

Detailed product description.

CVE-XXXX

Indicates whether the specific product is affected by the cited vulnerability.

(Impacted Y/N)

If Impacted

Information regarding how to address a vulnerability.

Mitigation Info

Link to Security Bulletin

Link to HPE's Security Bulletin

 

Use the following table to find vulnerability information.

Product Category

(impacted Y/N)

If Impacted - Mitigation

Link(s) to security bulletin (PSRT or Vendor)

ProLiant ML10 Gen9 Server

Yes

Update server firmware when available. HPE is waiting on the updated firmware from Intel.  Once this is available, HPE will complete the integration and testing. The firmware will be downloadable from HPE Support Center.

 

Edgeline EL20 Intelligent Gateway Series

Yes

Under investigation

 

Simplivity

Under Investigation

 

 

XP Storage

No

 

 

Hyper Converged

No

 

 

3PAR

No

 

 

StoreVirtual (P4000)

No

 

 

StoreEasy

No

 

 

StoreOnce

No

 

 

MSA Storage

No

 

 

ProLiant Servers (running HPE ProLiant System ROM and HPE iLO firmware)

No

 

 

Synergy Frame Link Module (FLM)

No

 

 

Synergy Compute Modules

No

 

 

Synergy Image Streamer

No

 

 

Synergy Composer

No

 

 

Onboard Administrator (OA)

No

 

 

Virtual Connect

No

 

 

EXL Mission Critical Servers

No

 

 

HPE Edgeline EL10 Intelligent Gateway Series

No

 

 

HPE Edgeline Chasiss (EL1000 and EL4000)

No

 

 

HPE ProLiant Server Cartridges (M710x and M510)

No

 

 

Cloudline

No

 

 

Converged System 700, 300, 200

No

 

 

Networking (H3C Network, HPE Network, Network Security, Aruba Network)

No

 

 

Converged System 700, 300, 200

No

 

 

NonStop

No

 

 

Enterprise Secure Key Manager (ESKM)

No

Atalla Ax160 HSM

No