Vulnerability Details : CVE-2014-2601
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-2601
Probability of exploitation activity in the next 30 days: 2.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-2601
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2014-2601
-
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04244787
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Patch;Vendor Advisory
-
https://isc.sans.edu/forums/diary/Be+Careful+what+you+Scan+for/18017/
Be Careful what you Scan for! - SANS Internet Storm Center
-
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04249852-1
-
http://www.securitytracker.com/id/1030148
HP integrated Lights Out (iLO) SSL Library Bug Lets Remote Users Deny Service - SecurityTracker
Products affected by CVE-2014-2601
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.70:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.75:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.10:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.15:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.12:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.30:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.22:*:*:*:*:*:*:*
- cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.20:*:*:*:*:*:*:*