BugZero | Hewlett Packard Enterprise BugID hpesbhf03856en_us - HPESBHF03856 rev.1

Hewlett Packard Enterprise - Defect ID: hpesbhf03856en_us

HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service

Hewlett Packard Enterprise - Defect ID: hpesbhf03856en_us

HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service

Last updated on 9/23/2023

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

Priority: Security Bulletin

Overall: 0N/A

Severity: 0N/A

Community: 0N/A

Lifecycle: 0N/A

What is the BugZero Risk Score?

Vendor details

Priority: Security Bulletin

Info

Document Subtype: Security Bulletin Document ID: hpesbhf03856en_us Last Updated: 2018-07-10 Release Date: 2018-07-10 Document Version: 1 Potential Security Impact: Remote: Denial of Service (DoS) Source: Hewlett Packard Enterprise, HPE Product Security Response Team VULNERABILITY SUMMARY Security vulnerabilities in HPE Comware v7 and Intelligent Management Center (iMC) products could be remotely exploited to allow a Denial of Service (DoS). References: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2182 CVE-2016-6306 CVE-2016-6309 CVE-2016-7052 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HPE Intelligent Management Center (iMC) iMC 7.3 - IMC PLAT HPE FlexFabric 12500 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 10500 Switch Series Comware 7 - Detailed list of switches provided HPE FlexNetwork 7500 Switch Series Comware 7 - Detailed list of switches provided HPE FlexFabric 5900 Switch Series Comware 7 - Detailed list of switches provided HPE FlexNetwork VSR1000 Virtual Services Router Series Comware 7 - Detailed list of switches provided HPE FlexFabric 7900 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 5130 EI Brazil Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 5130 EI Switch Series Comware 7 - Detailed list of switches provided below HPE 6125XLG Ethernet Blade Switch Comware 7 - Detailed list of switches provided below HPE 6127XLG Blade Switch Comware 7 - Detailed list of switches provided below HPE Moonshot-180XGc Switch Module Comware 7 - Detailed list of switches provided below HPE Moonshot-45Gc Switch Module Comware 7 - Detailed list of switches provided below HPE Moonshot-45XGc Switch Module Comware 7 - Detailed list of switches provided below HPE FlexFabric 5930 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexFabric 5940 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexFabric 5950 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexFabric 5700 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 5130 HI Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 5510 HI Switch Series Comware 7 - Detailed list of switches provided below HPE IMC User Access Management Software iMC UAM_TAM 7.3 E0504 BACKGROUND CVSS Version 3.0 and Version 2.0 Base Metrics Reference V3 Vector V3 Base Score V2 Vector V2 Base Score CVE-2016-2177 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.3 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2016-2178 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 4.0 (AV:L/AC:L/Au:N/C:P/I:N/A:N) 2.1 CVE-2016-2179 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.3 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2016-2180 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.3 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2016-2182 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.3 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2016-6306 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 5.6 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2016-6309 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.8 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2016-7052 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.3 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 Information on CVSS is documented in HPE Customer Notice: HPSN-2008-002 RESOLUTION HPE has provided software updates to address the vulnerabilities in the following HPE Intelligent Management Center (iMC) and Comware 7 products: 12500 (Comware 7) - Version: R7377P03 HP Network Products JC072B HP 12500 Main Processing Unit JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU CVEs CVE-2016-2177 10500 (Comware 7) R75XX - Version: R7524P02 HP Network Products JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG608A HP FlexFabric 11908-V Switch Chassis JG609A HP FlexFabric 11900 Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit CVEs CVE-2016-2177 7500 (Comware 7) - Version: R7524P02 HP Network Products JD238C HP 7510 Switch Chassis JD239C HP 7506 Switch Chassis JD240C HP 7503 Switch Chassis JD242C HP 7502 Switch Chassis JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit JH208A HP 7502 Main Processing Unit JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit CVEs CVE-2016-2177 5900 (Comware 7) - Version: R2432P01 HP Network Products JC772A HP 5900AF-48XG-4QSFP+ Switch JG296A HP 5920AF-24XG Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG555A HP 5920AF-24XG TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant CVEs CVE-2016-2177 VSR (Comware 7) - Version: VSR E0325 HP Network Products JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software JG811AAE HP VSR1001 Comware 7 Virtual Services Router JG812AAE HP VSR1004 Comware 7 Virtual Services Router JG813AAE HP VSR1008 Comware 7 Virtual Services Router CVEs CVE-2016-2177 7900 (Comware 7) - Version: R2710 HP Network Products JG682A HP FlexFabric 7904 Switch Chassis JG841A HP FlexFabric 7910 Switch Chassis JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit CVEs CVE-2016-2177 5130EI (Comware 7) - Version: R3115P05 HP Network Products JG932A HP 5130-24G-4SFP+ EI Switch JG933A HP 5130-24G-SFP-4SFP+ EI Switch JG934A HP 5130-48G-4SFP+ EI Switch JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch JG938A HP 5130-24G-2SFP+-2XGT EI Switch JG939A HP 5130-48G-2SFP+-2XGT EI Switch JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch JG975A HP 5130-24G-4SFP+ EI Brazil Switch JG976A HP 5130-48G-4SFP+ EI Brazil Switch JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch CVEs CVE-2016-2177 6125XLG - Version: R2432P01 HP Network Products 711307-B21 HP 6125XLG Blade Switch 737230-B21 HP 6125XLG Blade Switch with TAA CVEs CVE-2016-2177 6127XLG - Version: R2432P01 HP Network Products 787635 HP 6127XLG Blade Switch Opt Kit CVEs CVE-2016-2177 Moonshot - Version: R2432P01 HP Network Products 786617-B21 - HP Moonshot-45Gc Switch Module 704654-B21 - HP Moonshot-45XGc Switch Module 786619-B21 - HP Moonshot-180XGc Switch Module CVEs CVE-2016-2177 5700 (Comware 7) - Version: R2432P01 HP Network Products JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch CVEs CVE-2016-2177 5930 (Comware 7) - Version: R2432P01 HP Network Products JG726A HP FlexFabric 5930 32QSFP+ Switch JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch JH179A HP FlexFabric 5930 4-slot Switch JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch CVEs CVE-2016-2177 5950 (Comware 7) - Version: R6125 HP Network Products JH321A HPE FlexFabric 5950 32QSFP28 Switch JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch JH404A HPE FlexFabric 5950 4-slot Switch JH321A HPE FlexFabric 5950 32QSFP28 Switch CVEs CVE-2016-2177 5940 (Comware 7) - Version: R2609 HP Network Products JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch JH396A HPE FlexFabric 5940 32QSFP+ Switch JH397A HPE FlexFabric 5940 2-slot Switch JH398A HPE FlexFabric 5940 4-slot Switch CVEs CVE-2016-2177 5510HI (Comware 7) - Version: R1121P01 HP Network Products JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch CVEs CVE-2016-2177 5130HI (Comware 7) - Version: R1121P02 HP Network Products JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch CVEs CVE-2016-2177 IMC PLAT - Version: iMC PLAT 7.3 E0504P04 HP Network Products JD125A HP IMC Std S/W Platform w/100-node JD126A HP IMC Ent S/W Platform w/100-node JD808A HP IMC Ent Platform w/100-node License JD814A HP A-IMC Enterprise Edition Software DVD Media JD815A HP IMC Std Platform w/100-node License JD816A HP A-IMC Standard Edition Software DVD Media JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU JF377A HP IMC Std S/W Platform w/100-node Lic JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU JF378A HP IMC Ent S/W Platform w/200-node Lic JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU JG546AAE HP IMC Basic SW Platform w/50-node E-LTU JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU JG550AAE HPE PCM+ Mobility Manager to IMC Basic WLAN Platform Upgrade 50-node and 150-AP E-LTU JG590AAE HPE IMC Basic WLAN Manager Software Platform 50 Access Point E-LTU JG660AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG767AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU JG768AAE HPE PCM+ to IMC Standard Software Platform Upgrade with 200-node E-LTU JH704AAE Aruba IMC Std SW Plat w/50-node E-LTU JH705AAE Aruba IMC Ent SW Plat w/50-node E-LTU CVEs CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2182 CVE-2016-6306 CVE-2016-6309 CVE-2016-7052 IMC UAM_TAM - Version: iMC UAM_TAM 7.3 E0504 HP Network Products JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU JG483A HP IMC TAM S/W MODULE W/100-NODE LIC JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU CVEs CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2182 CVE-2016-6306 CVE-2016-6309 CVE-2016-7052 HISTORY Version:1 (rev.1) - 10 July 2018 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web Form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX System management and security procedures must be reviewed frequently to maintain system integrity. HPE is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HPE is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HPE products the important security information contained in this Bulletin. HPE recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HPE does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HPE will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HPE disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." ©Copyright 2025 Hewlett Packard Enterprise Development LP Hewlett Packard Enterprise Development shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HPE nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise Development and the names of Hewlett Packard Enterprise Development products referenced herein are trademarks of Hewlett Packard Enterprise Development in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

Scope

None

Resolution

HPE has provided software updates to address the vulnerabilities in the following HPE Intelligent Management Center (iMC) and Comware 7 products: 12500 (Comware 7) - Version: R7377P03 HP Network Products JC072B HP 12500 Main Processing Unit JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU CVEs CVE-2016-2177 10500 (Comware 7) R75XX - Version: R7524P02 HP Network Products JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG608A HP FlexFabric 11908-V Switch Chassis JG609A HP FlexFabric 11900 Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit CVEs CVE-2016-2177 7500 (Comware 7) - Version: R7524P02 HP Network Products JD238C HP 7510 Switch Chassis JD239C HP 7506 Switch Chassis JD240C HP 7503 Switch Chassis JD242C HP 7502 Switch Chassis JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit JH208A HP 7502 Main Processing Unit JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit CVEs CVE-2016-2177 5900 (Comware 7) - Version: R2432P01 HP Network Products JC772A HP 5900AF-48XG-4QSFP+ Switch JG296A HP 5920AF-24XG Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG555A HP 5920AF-24XG TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant CVEs CVE-2016-2177 VSR (Comware 7) - Version: VSR E0325 HP Network Products JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software JG811AAE HP VSR1001 Comware 7 Virtual Services Router JG812AAE HP VSR1004 Comware 7 Virtual Services Router JG813AAE HP VSR1008 Comware 7 Virtual Services Router CVEs CVE-2016-2177 7900 (Comware 7) - Version: R2710 HP Network Products JG682A HP FlexFabric 7904 Switch Chassis JG841A HP FlexFabric 7910 Switch Chassis JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit CVEs CVE-2016-2177 5130EI (Comware 7) - Version: R3115P05 HP Network Products JG932A HP 5130-24G-4SFP+ EI Switch JG933A HP 5130-24G-SFP-4SFP+ EI Switch JG934A HP 5130-48G-4SFP+ EI Switch JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch JG938A HP 5130-24G-2SFP+-2XGT EI Switch JG939A HP 5130-48G-2SFP+-2XGT EI Switch JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch JG975A HP 5130-24G-4SFP+ EI Brazil Switch JG976A HP 5130-48G-4SFP+ EI Brazil Switch JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch CVEs CVE-2016-2177 6125XLG - Version: R2432P01 HP Network Products 711307-B21 HP 6125XLG Blade Switch 737230-B21 HP 6125XLG Blade Switch with TAA CVEs CVE-2016-2177 6127XLG - Version: R2432P01 HP Network Products 787635 HP 6127XLG Blade Switch Opt Kit CVEs CVE-2016-2177 Moonshot - Version: R2432P01 HP Network Products 786617-B21 - HP Moonshot-45Gc Switch Module 704654-B21 - HP Moonshot-45XGc Switch Module 786619-B21 - HP Moonshot-180XGc Switch Module CVEs CVE-2016-2177 5700 (Comware 7) - Version: R2432P01 HP Network Products JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch CVEs CVE-2016-2177 5930 (Comware 7) - Version: R2432P01 HP Network Products JG726A HP FlexFabric 5930 32QSFP+ Switch JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch JH179A HP FlexFabric 5930 4-slot Switch JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch CVEs CVE-2016-2177 5950 (Comware 7) - Version: R6125 HP Network Products JH321A HPE FlexFabric 5950 32QSFP28 Switch JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch JH404A HPE FlexFabric 5950 4-slot Switch JH321A HPE FlexFabric 5950 32QSFP28 Switch CVEs CVE-2016-2177 5940 (Comware 7) - Version: R2609 HP Network Products JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch JH396A HPE FlexFabric 5940 32QSFP+ Switch JH397A HPE FlexFabric 5940 2-slot Switch JH398A HPE FlexFabric 5940 4-slot Switch CVEs CVE-2016-2177 5510HI (Comware 7) - Version: R1121P01 HP Network Products JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch CVEs CVE-2016-2177 5130HI (Comware 7) - Version: R1121P02 HP Network Products JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch CVEs CVE-2016-2177 IMC PLAT - Version: iMC PLAT 7.3 E0504P04 HP Network Products JD125A HP IMC Std S/W Platform w/100-node JD126A HP IMC Ent S/W Platform w/100-node JD808A HP IMC Ent Platform w/100-node License JD814A HP A-IMC Enterprise Edition Software DVD Media JD815A HP IMC Std Platform w/100-node License JD816A HP A-IMC Standard Edition Software DVD Media JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU JF377A HP IMC Std S/W Platform w/100-node Lic JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU JF378A HP IMC Ent S/W Platform w/200-node Lic JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU JG546AAE HP IMC Basic SW Platform w/50-node E-LTU JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU JG550AAE HPE PCM+ Mobility Manager to IMC Basic WLAN Platform Upgrade 50-node and 150-AP E-LTU JG590AAE HPE IMC Basic WLAN Manager Software Platform 50 Access Point E-LTU JG660AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG767AAE HP IMC Smart Connect with Wireless Manager Virtual Appliance Edition E-LTU JG768AAE HPE PCM+ to IMC Standard Software Platform Upgrade with 200-node E-LTU JH704AAE Aruba IMC Std SW Plat w/50-node E-LTU JH705AAE Aruba IMC Ent SW Plat w/50-node E-LTU CVEs CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2182 CVE-2016-6306 CVE-2016-6309 CVE-2016-7052 IMC UAM_TAM - Version: iMC UAM_TAM 7.3 E0504 HP Network Products JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU JG483A HP IMC TAM S/W MODULE W/100-NODE LIC JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU CVEs CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2182 CVE-2016-6306 CVE-2016-6309 CVE-2016-7052 HISTORY Version:1 (rev.1) - 10 July 2018 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web Form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

Original Vendor Announcement

Defect ID: a00138717en_us
Advisory: (Revision) HPE Compute Scale-up Server 3200 - System May Encounter an HWERR_BIOS_HALT_DETECTED Condition During the OS Crashdump Process
Defect ID: a00142136en_us
Advisory: (Revision) HPE ProLiant DL20/ML30 Gen10 Plus Servers - Systems Configured with Intel I350-T4 or Broadcom BCM5719 Adapters May Stop Responding During a Reboot or Shutdown if All Four NIC Ports Are Disabled
Defect ID: a00119124en_us
Notice: (Revision) HPE B-series Switches - Accessing HPE B-series SANnav, Fabric OS, and TruFOS Certificates
Defect ID: a00118860en_us
Advisory: HPE InfoSight for Servers - Manually Uploaded Active Health System (AHS) Log to the Analyze Log Page Is Not Displayed After a Successful Upload to the InfoSight Portal
Defect ID: a00146525en_us
Advisory: HPE OneView - OneView May Display the Error, "Unable to Create Volume Template Error Regarding Read-Only Attribute"

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Hewlett Packard Enterprise - Defect ID: hpesbhf03856en_us

HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service

Hewlett Packard Enterprise - Defect ID: hpesbhf03856en_us

HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service

Last updated on 9/23/2023

Vendor details

Vendor details

Description

Info

Scope

Resolution

Links

Top Hewlett Packard Enterprise defects by risk score

Ready to prevent the next vendor outage?