Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool
Hewlett Packard Enterprise (HPE) has released a patch for a critical bug in its Edge Platform Tool. According to researchers, the bug can be exploited to conduct remote authentication bypass attacks, leading to the ability to inflict further damage to the targeted network. The company has urged its customers to implement the patch immediately to avoid any risk of cloud infrastructure infiltration or attack. The vulnerability carries a CVSS score of 9.8 out of a 10 point scale.
Researchers at Tenable first uncovered the vulnerability in late January, notifying HPE in early February. The company has just released the patch on Thursday. According to Tenable, more than a dozen versions of the software are impacted by the bug. These range from those running on operating systems such as CentOS to multiple versions of Windows, says HPE. If exploited by attackers, victims could experience a range of security incidents such as denial-of-service attacks, changed configurations, and unauthorized privileged access to their networks.