.. / CVE-2021-29203

Exploit for HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass (CVE-2021-29203)

Description:

HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22 contains an authentication bypass vulnerability which could be remotely exploited to bypass remote authentication and possibly lead to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.

Nuclei Template

View the template here CVE-2021-29203.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-29203.yaml

References:

https://github.com/ARPSyndicate/cvemon
https://nvd.nist.gov/vuln/detail/CVE-2021-29203
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04124en_us
https://github.com/ARPSyndicate/kenzer-templates
https://www.tenable.com/security/research/tra-2021-15

.. / CVE-2021-29203 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass (CVE-2021-29203)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-29203