|
|
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-7101 |
20 |
|
DoS |
2018-09-27 |
2018-11-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. |
|
2 |
CVE-2018-7093 |
254 |
|
DoS |
2018-08-14 |
2018-10-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. |
|
3 |
CVE-2018-7078 |
|
|
Exec Code |
2018-08-06 |
2018-10-05 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. |
|
4 |
CVE-2017-12543 |
200 |
|
+Info |
2018-02-15 |
2018-03-12 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. |
|
5 |
CVE-2017-12542 |
|
|
Exec Code Bypass |
2018-02-15 |
2018-07-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. |
|
6 |
CVE-2016-4406 |
79 |
|
XSS |
2018-08-06 |
2018-10-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. |
|
7 |
CVE-2016-4375 |
|
|
DoS +Info |
2016-09-08 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. |
|
8 |
CVE-2015-5435 |
|
|
DoS |
2015-09-29 |
2016-12-23 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. |
|
9 |
CVE-2015-2106 |
|
|
DoS Bypass |
2015-03-31 |
2016-11-29 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. |
|
10 |
CVE-2014-7876 |
|
|
DoS Exec Code +Priv |
2015-03-31 |
2016-08-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. |
|
11 |
CVE-2013-2338 |
|
|
Exec Code |
2013-06-14 |
2013-06-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors. |
|
12 |
CVE-2012-3271 |
|
|
+Info |
2012-11-29 |
2017-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors. |
Total number of vulnerabilities : 12
Page :
1
(This Page)
|
|
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE's CVE web site.
CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE's CWE web site.
OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.
