HPE Alletra 5000/6000 and NimbleOS hit by remote privilege escalation (HPESBST04995 rev.1): what to patch, why it matters, and how to reduce blast radius

HPE has published a security bulletin, HPESBST04995 rev.1, warning of a remote privilege elevation issue affecting HPE Alletra 6000, HPE Alletra 5000, and HPE Nimble Storage arrays running NimbleOS. The short version: if your storage fleet is on the wrong side of a particular NimbleOS build number, you should treat this like a “drop what…
Continue reading “HPE Alletra 5000/6000 and NimbleOS hit by remote privilege escalation (HPESBST04995 rev.1): what to patch, why it matters, and how to reduce blast radius”

Understanding Recent Vulnerabilities in HPE Servers Using Intel QuickAssist Technology

Introduction In recent technological developments, cybersecurity remains at the forefront as organizations battle ever-evolving threats. This article dissects a significant security bulletin from HPE concerning vulnerabilities in their ProLiant DL/ML/XD Alletra, and Synergy Servers using Intel’s QuickAssist Technology software drivers. The Heart of the Issue: Intel QuickAssist Technology Intel QuickAssist Technology (QAT) is integral for…
Continue reading “Understanding Recent Vulnerabilities in HPE Servers Using Intel QuickAssist Technology”