All the vulnerabilites related to hp - integrated_lights-out_4_firmware
Vulnerability from fkie_nvd
Published
2018-09-27 18:29
Modified
2024-11-21 04:11
Severity ?
Summary
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securitytracker.com/id/1041488 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03875en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041488 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03875en_us | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CA4C93-C4D6-49BC-948D-7E42BC559C73",
"versionEndExcluding": "2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE38E85-0260-4E6D-AD50-37C51FF1CA9E",
"versionEndExcluding": "1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC485A0-1B3E-4499-AF26-C832330E99BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B553E44A-A209-49CA-A914-CC1FE51D90D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666AAAE5-83AB-4018-891D-2FC69AE6AD65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD32E61-4FFE-4ECF-9582-B96D1513C706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FC76C8-44FC-4BCC-95C1-0717126BBE2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8AB8C-D5BA-4312-9E7A-48ECB09F3C16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "306B6EC0-C471-48B6-858C-93A4A6CB976D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A16D30B-D064-4EEC-9628-7B64B63CE2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A367F8FE-8500-4512-831A-408BB0772586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358CD445-B506-4EE9-A282-76A790EA4583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB2958-DDCD-4ACA-B9C1-F7914622E36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A0F022-C271-4DB6-A12E-1A2357C0BFE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DEE638-BD6B-4B70-ABEE-AFD8FDA99F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B1F484-2258-4326-AEFA-725BD8EFE6CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30."
},
{
"lang": "es",
"value": "Se ha identificado una potencial vulnerabilidad de seguridad de denegaci\u00f3n de servicio (DoS) remoto en HPE Integrated Lights Out 4 en versiones anteriores a la v2.60 e iLO 5 para servidores Gen 10 en versiones anteriores a la v1.30."
}
],
"id": "CVE-2018-7101",
"lastModified": "2024-11-21T04:11:38.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-27T18:29:00.300",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041488"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-05 17:29
Modified
2024-11-21 04:22
Severity ?
Summary
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEFA032-2828-4A25-AA69-490AAF9B7F1E",
"versionEndIncluding": "1.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFEC03C5-6E25-47A3-9793-D411056F5D08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D747DD-AF47-4B5A-B9CC-20BEC97E7788",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0DEA2A-F511-4111-8B33-B029E75D56BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5077B450-1E11-4338-8F76-E4257FBE9260",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A66883DD-061A-4D0A-A73B-3EF2F7273B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E013812C-A291-4F5E-BA62-B034FA8288ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45369573-58FC-40E2-8124-08CDEAB6B6C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5D074B-079C-4227-A2A5-654BB35E7DC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0766C25-5149-4A02-BC12-38D21EAE2303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D894E6C9-D248-4800-A138-CD0FE8F6B5B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEBB303-F21A-47FF-9D79-5CBC90144782",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_microserver_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8F597A-DBF1-4CA5-9B10-990571E2A968",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA54BDB5-28DF-46D6-8D7D-F2F4F3B21381",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF6A55B-05B4-4286-BF06-45D2A21EF58F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6662F50-79E8-4675-ABAB-E95C7B8A2BBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D33F488-C5DB-40A7-BCAB-4DA1A6FC0096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85739B50-AA18-4097-8EAA-3A750EE38AE6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2B30A8-303D-4A47-8D9A-7088F82D2BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63301635-7C6F-4854-893C-C37B74F13511",
"versionEndIncluding": "2.61b",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E58291DF-A83D-4EED-8CEB-DCCB636E57F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5010CA27-8B1D-43BE-A236-997E51E4B541",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67D2605F-2642-46EB-BA2C-8E33ACEC8ADA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87200D92-81D3-4FA4-BD4D-11F0DB7C1E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81E5D6BA-A5C8-42B2-B347-1F3A70DCDC9D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED47EFC-2D0D-4864-A0CC-A6F29C236315",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml10_gen9:2:*:*:*:*:*:*:*",
"matchCriteriaId": "97685B5D-843B-4BA4-915C-A384F323A206",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D64DCBE5-8590-4F17-A86D-88B78E9E5943",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml150_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9876313-D746-4077-A188-F2024C3689F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen9:2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C53512F-3577-4F64-977C-6579124DA93C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D95AA33-FD84-4766-A42A-4E44A1BC9B8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ws460c_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D7479C-E340-4E58-A5E5-5AA7C95EE90A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C7DE17C-AC8E-4C0B-B6B1-6D2F4958E70A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2838C1A2-23B2-4063-8C16-1558FC329EEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230a_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40FCFF2E-22B6-4AE3-AE36-B57524656128",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl250a_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0AA43F-DEFB-441C-84B8-85F523D600C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl730f_gen9:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1B4FA-E67A-4EB7-A428-FF6C90F0E3B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl740f_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFED4E5-48AA-4133-A2A2-4D70101593A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl750f_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6890F055-67AE-4008-A687-EEAD92D892BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
},
{
"lang": "es",
"value": "Fue encontrada una vulnerabilidad de tipo cross site scripting remota en HPE Integrated Lights-Out 4 (iLO 4) anterior a la versi\u00f3n 2.61b para servidores Gen9 e Integrated Lights-Out 5 (iLO 5) para servidores Gen10 anteriores a la versi\u00f3n 1.39."
}
],
"id": "CVE-2019-11982",
"lastModified": "2024-11-21T04:22:06.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-05T17:29:00.227",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-14 14:29
Modified
2024-11-21 04:11
Severity ?
Summary
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securitytracker.com/id/1041435 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041435 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39BA27DF-3771-436C-8812-708720508383",
"versionEndExcluding": "1.90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CA4C93-C4D6-49BC-948D-7E42BC559C73",
"versionEndExcluding": "2.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE38E85-0260-4E6D-AD50-37C51FF1CA9E",
"versionEndExcluding": "1.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:moonshot_chassis_manager_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43234882-5295-4648-BFBC-99F742104F29",
"versionEndExcluding": "1.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:moonshot_component_pack_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "433C9066-49CC-4CC1-82E7-463C613E2FD6",
"versionEndExcluding": "2.55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:moonshot_component_pack:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FEDD2CE-C8A2-40E5-B9A2-1CB9B2B8881D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service."
},
{
"lang": "es",
"value": "Una vulnerabilidad de seguridad en HPE Integrated Lights-Out 3 en versiones anteriores a la v1.90, iLO 4 en versiones anteriores a la v2.60, iLO 5 en versiones anteriores a la v1.30, Moonshot Chassis Manager con firmware en versiones anteriores a la v1.58 y Moonshot Component Pack en versiones anteriores a la v2.55 podr\u00eda explotarse de forma remota para crear una denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2018-7093",
"lastModified": "2024-11-21T04:11:37.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-14T14:29:00.510",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041435"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101944 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101944 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | moonshot_remote_console_administrator | * | |
| hp | integrated_lights-out_2_firmware | * | |
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:moonshot_remote_console_administrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DC0A0A-A646-4C5F-A5B9-FB3BCE9B1D86",
"versionEndExcluding": "2.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98ABA457-206A-4F12-9580-A4170D846072",
"versionEndExcluding": "2.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "185FF3D4-F12D-4B34-BCB1-0A4992B21DB3",
"versionEndExcluding": "1.89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B004A3E9-7318-4AD3-B808-0F0E3BE12799",
"versionEndExcluding": "2.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de divulgaci\u00f3n remota de informaci\u00f3n en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30."
}
],
"id": "CVE-2017-12543",
"lastModified": "2024-11-21T03:09:43.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.310",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101944"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-30 01:59
Modified
2024-11-21 02:33
Severity ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_4_firmware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3501A53B-CAD9-4CAE-8847-D5315888AC60",
"versionEndIncluding": "1.80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87DA7DD4-70DB-476A-BE04-12BCB575D850",
"versionEndIncluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP Integrated Lights-Out (iLO) firmware 3 en versiones anteriores a 1.85 y 4 en versiones anteriores a 2.22, permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-5435",
"lastModified": "2024-11-21T02:33:00.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-30T01:59:16.037",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1033660"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-31 10:59
Modified
2024-11-21 02:18
Severity ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_2_firmware | * | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out_chassis_management_firmware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDCA27-32D4-4DCA-B079-07217F105DEC",
"versionEndIncluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05F35CB9-C489-418D-9BDB-EA9342556A9E",
"versionEndIncluding": "2.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_chassis_management_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37D0D354-4290-4781-8CAC-F150B40E841C",
"versionEndIncluding": "1.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27 y 4 anterior a 2.03 y el firmware iLO Chassis Management (CM) anterior a 1.30 permite a atacantes remotos ganar privilegios, ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-7876",
"lastModified": "2024-11-21T02:18:11.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-31T10:59:00.073",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031972"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/100467 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039222 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us | Vendor Advisory | |
| security-alert@hpe.com | https://www.exploit-db.com/exploits/44005/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100467 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039222 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44005/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out_4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B004A3E9-7318-4AD3-B808-0F0E3BE12799",
"versionEndExcluding": "2.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EEB8DA-1CDD-428C-988C-249E2816F18C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n y ejecuci\u00f3n de c\u00f3digo en HPE Integrated Lights-out 4 (iLO 4) en versiones anteriores a la 2.53."
}
],
"id": "CVE-2017-12542",
"lastModified": "2024-11-21T03:09:43.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.263",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100467"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039222"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44005/"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-06 20:29
Modified
2024-11-21 04:11
Severity ?
Summary
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securitytracker.com/id/1041188 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03844en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041188 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03844en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out_5_firmware | * | |
| hp | integrated_lights-out | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CA4C93-C4D6-49BC-948D-7E42BC559C73",
"versionEndExcluding": "2.60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE38E85-0260-4E6D-AD50-37C51FF1CA9E",
"versionEndExcluding": "1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30."
},
{
"lang": "es",
"value": "Se ha identificado una ejecuci\u00f3n remota de c\u00f3digo en HPE Integrated Lights-Out 4 (iLO 4) anteriores a la v2.60 y HPE Integrated Lights-Out 5 (iLO 5) anteriores a la v1.30."
}
],
"id": "CVE-2018-7078",
"lastModified": "2024-11-21T04:11:36.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-06T20:29:02.163",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041188"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-27 18:29
Modified
2024-11-21 04:11
Severity ?
Summary
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/105425 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1041649 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105425 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041649 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_5_firmware | * | |
| hp | gen_10_servers | - | |
| hp | integrated_lights-out | - | |
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E18AA81A-3F96-4F12-8BBA-A2A3282E891C",
"versionEndExcluding": "1.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:gen_10_servers:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02D0550-99AE-4E94-A799-498FB51CA5D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39BA27DF-3771-436C-8812-708720508383",
"versionEndExcluding": "1.90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5286861C-4CE8-465F-8D31-84ACCC91DA9F",
"versionEndExcluding": "2.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information."
},
{
"lang": "es",
"value": "Podr\u00eda explotarse remotamente una vulnerabilidad de seguridad en HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10 en versiones anteriores a la v1.35, HPE Integrated Lights-Out 4 (iLO 4) en versiones anteriores a la v2.61 y HPE Integrated Lights-Out 3 (iLO 3) en versiones anteriores a la v1.90 para ejecutar c\u00f3digo arbitrario, lo que conduce a una divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2018-7105",
"lastModified": "2024-11-21T04:11:39.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-27T18:29:00.800",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105425"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041649"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-05 17:29
Modified
2024-11-21 04:22
Severity ?
Summary
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEFA032-2828-4A25-AA69-490AAF9B7F1E",
"versionEndIncluding": "1.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFEC03C5-6E25-47A3-9793-D411056F5D08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D747DD-AF47-4B5A-B9CC-20BEC97E7788",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0DEA2A-F511-4111-8B33-B029E75D56BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5077B450-1E11-4338-8F76-E4257FBE9260",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A66883DD-061A-4D0A-A73B-3EF2F7273B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl325_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E013812C-A291-4F5E-BA62-B034FA8288ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45369573-58FC-40E2-8124-08CDEAB6B6C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5D074B-079C-4227-A2A5-654BB35E7DC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0766C25-5149-4A02-BC12-38D21EAE2303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D894E6C9-D248-4800-A138-CD0FE8F6B5B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEBB303-F21A-47FF-9D79-5CBC90144782",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_microserver_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8F597A-DBF1-4CA5-9B10-990571E2A968",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA54BDB5-28DF-46D6-8D7D-F2F4F3B21381",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF6A55B-05B4-4286-BF06-45D2A21EF58F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6662F50-79E8-4675-ABAB-E95C7B8A2BBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D33F488-C5DB-40A7-BCAB-4DA1A6FC0096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230k_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85739B50-AA18-4097-8EAA-3A750EE38AE6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2B30A8-303D-4A47-8D9A-7088F82D2BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63301635-7C6F-4854-893C-C37B74F13511",
"versionEndIncluding": "2.61b",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E58291DF-A83D-4EED-8CEB-DCCB636E57F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5010CA27-8B1D-43BE-A236-997E51E4B541",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67D2605F-2642-46EB-BA2C-8E33ACEC8ADA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87200D92-81D3-4FA4-BD4D-11F0DB7C1E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81E5D6BA-A5C8-42B2-B347-1F3A70DCDC9D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED47EFC-2D0D-4864-A0CC-A6F29C236315",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml10_gen9:2:*:*:*:*:*:*:*",
"matchCriteriaId": "97685B5D-843B-4BA4-915C-A384F323A206",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D64DCBE5-8590-4F17-A86D-88B78E9E5943",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml150_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9876313-D746-4077-A188-F2024C3689F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen9:2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C53512F-3577-4F64-977C-6579124DA93C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D95AA33-FD84-4766-A42A-4E44A1BC9B8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_ws460c_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D7479C-E340-4E58-A5E5-5AA7C95EE90A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C7DE17C-AC8E-4C0B-B6B1-6D2F4958E70A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2838C1A2-23B2-4063-8C16-1558FC329EEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl230a_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40FCFF2E-22B6-4AE3-AE36-B57524656128",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl250a_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0AA43F-DEFB-441C-84B8-85F523D600C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl730f_gen9:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76C1B4FA-E67A-4EB7-A428-FF6C90F0E3B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl740f_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFED4E5-48AA-4133-A2A2-4D70101593A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_xl750f_gen9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6890F055-67AE-4008-A687-EEAD92D892BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
},
{
"lang": "es",
"value": "Fue encontrada una vulnerabilidad de desbordamiento de b\u00fafer remoto en HPE Integrated Lights-Out 4 (iLO 4) anterior a versi\u00f3n 2.61b para servidores Gen9 e Integrated Lights-Out 5 (iLO 5) para servidores Gen10 anteriores a la versi\u00f3n versi\u00f3n 1.39."
}
],
"id": "CVE-2019-11983",
"lastModified": "2024-11-21T04:22:06.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-05T17:29:00.257",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-31 10:59
Modified
2024-11-21 02:26
Severity ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_2_firmware | * | |
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_4_firmware | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDCA27-32D4-4DCA-B079-07217F105DEC",
"versionEndIncluding": "2.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3501A53B-CAD9-4CAE-8847-D5315888AC60",
"versionEndIncluding": "1.80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9452C14F-CE79-4344-A123-7DB9D296547B",
"versionEndIncluding": "2.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27, 3 anterior a 1.82, y 4 anterior a 2.10 permite a atacantes remotos evadir las restricciones de acceso o causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-2106",
"lastModified": "2024-11-21T02:26:48.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-31T10:59:04.997",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/73324"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031974"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Not Applicable"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Not Applicable"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-03 15:29
Modified
2024-11-21 04:11
Severity ?
Summary
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D612A666-2748-418C-B0D8-2F83D323423E",
"versionEndExcluding": "2.33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D37C0771-CF7D-48A6-A2EA-A590348503C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_gen6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCF96F3-FD8B-42F4-B33C-DFD6AD08D49E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39BA27DF-3771-436C-8812-708720508383",
"versionEndExcluding": "1.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_gen7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A5E4DC9-A8CE-46FF-8241-F2D6955C618D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CA4C93-C4D6-49BC-948D-7E42BC559C73",
"versionEndExcluding": "2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:proliant_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8322FA2-4CD0-40FA-9EDA-7ED979720562",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl750f_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E44EB35D-7B83-4A0E-B636-39E89DE71047",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB222D02-E0CD-4BD2-BFED-50FC0EB8BA48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl740f_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79CF9877-F000-4932-8F09-596D928E3C2D",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CFA7E-6485-4FA0-816B-0CCA98BB77BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl730f_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF3D056-BCF7-4285-95F4-1420DF828D98",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8A90D2-7C7F-42FA-9F35-34C2D9612C03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl450_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C7BFC0-031D-4C8C-9B5A-4DA201AEC0C9",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A165E3C1-14E8-421E-807A-3888B204E105",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl270d_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A97363-78DF-4CDB-A995-0C2D3EEF1E7E",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B17626-40DC-4699-ACBB-A6D93145EB34",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl270d_gen9_accelerator_tray_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61BF73AB-922F-46B5-8176-BD7C361A731C",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl270d_gen9_accelerator_tray:-:*:*:*:*:*:*:*",
"matchCriteriaId": "691C47A2-C4CF-4824-BF49-69A9939486FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl260a_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CF4270-9C13-4E09-91B4-AD6877642C07",
"versionEndExcluding": "1.60_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl260a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "562F34F0-C838-4CB7-95FB-EFD626786FDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl250a_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94E5B290-E630-4939-8003-FEA6B26EE057",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D871D279-38D4-48EE-8966-C2B686390E1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl230a_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7984006-C118-4D54-AA3E-03C37AC1EF3D",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FC258B-754A-4372-ADF1-1F2BBDA8CE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl190r_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03373022-3516-4B42-8EE4-9BB9CB6AB702",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3E0225-79B8-47EE-AA0F-F35D69FA2905",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_xl170r_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C27A8802-6B40-4B70-B92F-7A7B525F4CEA",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3A643B-F7DA-4239-BF5D-CCB2ECD4AB46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl560_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC350296-27B1-465A-82BB-5A34CC97DA0F",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C250444-6DCB-492C-9C09-BCB4D8F9522E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl380_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9ECF6A8-5C1F-4953-8F62-5649007E193F",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4176A85-6BA7-4A49-95A6-759655FCE437",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl360_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35F5C6DF-5DD2-48B7-A46D-FC9E506CEA80",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5562E797-E2BA-49A7-A7FD-F345F3B3EDC1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl180_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904C5A9E-4D10-48E0-9114-09B25A82D9DA",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFBF3AAB-5A41-498D-8934-5069086AF0A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl160_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB3114-7B7B-419C-B3A9-B9409BF8F1D2",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFADFAB1-F9C7-4613-AB00-6088A54B2984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl120_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6260BD1D-CD5F-4AC4-A0BD-6E945CD15B5D",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2483ED79-0132-4484-808B-8DA9F2F9CE1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl80_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A70152AE-F316-49A9-A54C-3A7F38E677C8",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "501CE644-836D-45D7-A525-00443E496279",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl60_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9581D6F0-4A8D-448F-88AE-3547481105AC",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D1BA51-A089-4CB6-8B7A-44B29BE38D65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl20_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF282448-87F5-4F17-B7DE-3622927F5E15",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32A1A60-5196-4D7B-99F3-78E5084BED38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml350_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B156128-21A7-4297-BEB7-BE6DC4782A42",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E0FE3B-24DB-416D-93FF-98CD64538A99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml150_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21FA340D-EE77-42A7-9180-2223F9ACBFF3",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF01D64A-A29B-4A11-9FFE-6FFFF79E6821",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml110_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "453BA66A-E20B-4923-AEF2-9946CD1A53D5",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C226593-97C5-49C4-9906-88430D35A1A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml30_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "838DCE53-5439-4431-AEEE-67CC518A65FC",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B479287E-D58C-432F-9B76-A6C75C4C1539",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml10_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "782EEC0D-E708-450E-9C73-07065EE41D82",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml10_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2898F40-ADA0-4D6C-B070-CECAFD0B964E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl660c_gen9_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFA0807-DD48-42BC-B4D4-F5B3BDF53418",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66EB270B-9289-4D3D-91A8-751CF2C62BD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl460c_gen9_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DFB1251-3C00-43B3-AC53-9390D3898B78",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB98203-AFC1-489F-BA7D-F66E3275774A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ws460c_gen9_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A11270-1CBD-45EE-92CC-98304BD5F105",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ws460c_gen9_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BDA4D1-2888-4858-A240-371C38C80280",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl380e_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F11FE97-5C70-4639-9977-2E5025493C78",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B60FD7-710F-4596-AC1E-C92BE1F73185",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl360p_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438A1BB1-9FE7-41E7-91DD-FA562C7D1D15",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "971D98CB-488B-475E-834F-D7F2C2D15618",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl360e_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A7F118-8A7A-4C63-BADC-DA014E626E5A",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE32C218-B3DC-4915-A170-D41EA356B37F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl320e_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80D67302-CF94-4EED-9647-AA816AFA0AAB",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl320e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ED119-2AFB-4A19-8EC9-11DD00C771C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl320e_gen8_v2_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BFFC9D-DDAA-432E-BE37-E7D567E1C5EE",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl320e_gen8_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB4D64F-C78D-4A5A-8213-85607DD5DC3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl160_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "252C3BCA-B865-4378-85A6-4BC6330ABD4C",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35D7105B-54F9-480D-95B6-9BFACD405450",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl250s_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1BC01CC-84E7-4374-A559-5AD4679148FA",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07646416-DC91-44C2-AEC3-2F979C9C89B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl210t_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "895DA666-9AC7-46FD-90C5-7A077AAED39C",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl210t_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4976BD59-4074-4EB5-97EC-FA3E50C83245",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl660c_gen8_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7565F1C-FDF0-4997-A811-DAE5C13F44EB",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl660c_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19DAF258-00CB-4B73-83A1-6EDDA186D8B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl465c_gen8_\\(amd\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C644583-95C8-43E0-B80F-1EDBA037563E",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl465c_gen8_\\(amd\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1C717B-FC7F-4492-81E5-5A132676ECE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl460c_gen8_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E86D3D-D012-4335-9DBA-CAF7D48979A2",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_gen8_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5EE27-AC35-490B-AF26-FDA261AA03B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl420c_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F57175-C496-4DF2-BF35-23506B27E9FE",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl420c_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE085EBF-9338-4F4D-BA6D-DF71EB55809D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl4540_gen8_1_node_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CBCD4F-F180-4C85-9CDD-8446525B3C04",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl4540_gen8_1_node_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B37F1CD-954A-461F-B7C9-5F5D722C7F9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl270s_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B214DF-BE03-4C09-9C06-5976687B63AC",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F77695B-AE96-4A78-B818-451408BFED3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl580_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0A6E8F-EE51-4AA3-A7E9-85E9AADD02A0",
"versionEndExcluding": "2.00_02-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD283162-B57B-4041-A36D-70C15C5CAD2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl560_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E98A6AC-6892-493F-908E-AD6C69B4C59D",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0B6A0E-982B-49F8-9CD8-675599E801DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl380p_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B31EDADF-F95F-447A-923D-9006A508536E",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "089A9561-E2E3-4E6C-8E2A-3E0559306B9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl385p_gen8_\\(amd\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3452A5C3-5932-4882-9AF1-8552E72B9110",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl385p_gen8_\\(amd\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF8D7D0-50A7-45CE-8C57-2BF809D6D467",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml350e_gen8_v2_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "888743D7-873F-45EC-97E1-60A84F1F4AF2",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml350e_gen8_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27B69F59-24E1-40E7-AD2A-D5C6A4E9D75C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml350e_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D027E1-D905-4FCB-BD4F-301680A356A9",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml350e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16078B36-0484-43E1-91EB-507403E469FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml350p_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5443692-F38A-4CBD-BEF7-5F7EE80E7B63",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DAD01F-2D0C-4055-9B68-73100C02A63E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml310e_gen8_v2_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC21A9D-B2E3-4518-8D69-32ED28B877DB",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml310e_gen8_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34846E13-5492-4B43-BFF7-DD68DC044DF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml310e_gen8_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAB959FF-DF0B-484D-951D-2B8FD43DE492",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD3DC2-1148-47E8-956B-379214CB0847",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_microserver_gen8_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC779FD-DD81-4A9C-95FE-D184BD736C01",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_microserver_gen8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D4A053-A170-41E8-85A6-6D7C71942130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m710_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7B2F20-AA62-4339-8649-F18FE526CBB5",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m710_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A45F5F-01BE-4B1C-831B-7FB9AC9E744A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m710p_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8DD2B6-C018-4D04-9203-478B1BD8F2A1",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m710p_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC79937-4B45-4322-AD61-9D13A83291CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m710x_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6041DCF6-2A9A-4248-9DB0-507FB4915C60",
"versionEndExcluding": "1.64_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m710x_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E53F71CF-BCE3-4FCB-BA1B-2F183ED0291B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m510_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF243BA-7802-4ECB-BABF-C2C092F5E730",
"versionEndExcluding": "1.64_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m510_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47A00E4E-51BC-4843-98F3-6BC307D326CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m350_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA697111-5E6C-4252-A4D6-DB4C9010A35E",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m350_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E247EE-531C-4B84-92F3-20CDB96ECFA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_m300_server_cartridge_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF5289-A533-414C-98BB-A8EA6286A01A",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_m300_server_cartridge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F91B3C7E-3218-4810-8969-154DF0D56C45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl2x220c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791104BE-D0F6-4604-B4C9-F67B16B0BABA",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl2x220c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042ADA52-7A00-47A5-903F-1E9A1C399337",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl585_g7_server_\\(amd\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10CD5ED9-3CC5-4546-8989-DDA8D833899A",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl585_g7_server_\\(amd\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF407C63-2576-4EA6-946C-72ED7CAE8A95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl980_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61AC7EB7-78A8-4763-B149-C15E93BDBBF8",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl980_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD54EC0-9F48-46B9-9DD0-D9FEF6A557C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl580_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06830913-9D5F-4D38-BAA2-9AF15E3FEEB9",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl580_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22DE733B-B84C-4AE3-AD1E-6FB073FCA89F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl385_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45C82EA0-FA6B-4BA7-9942-D788E052BA68",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl385_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E4F79B-22DB-4151-B8BF-146F841F25D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl380_g7_server_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4550A0-2339-42BC-BE62-631A69C93CDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB4EE03-9905-495B-B936-5DE2FD74270D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl120_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28F510C-F314-4E54-A2B1-613E9B678ABE",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAD8428-6425-4C07-935C-1CF13A269F6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl360_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65847A39-6D68-4063-965F-67DF090ABBA7",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B43DAD18-3195-477C-8578-49CF2AD02783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl685c_g7_server_blade_\\(amd\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "351D870B-E810-440F-8372-BC42E64DAEE5",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl685c_g7_server_blade_\\(amd\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82161CA-0C84-4244-96F1-5B3560A8172D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl680c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1C4CD5-D962-4973-805C-37B250EDBB2A",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl680c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8130FAB-7242-4746-8D67-BE6D4365706D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl620c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED43D857-172A-4514-8D76-D36A09ABF97F",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl620c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CFA02F8-41B1-4962-9E93-EFCE90FB3065",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl490c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "881DCBAD-0133-4363-84C8-150B246E3B82",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl490c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F6717B-5113-4154-9740-D17A7CE31306",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl465c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B473947E-EF79-43C0-B4C1-97B81958A75C",
"versionEndExcluding": "2018.03.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl465c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F569C17A-9D3B-4A04-90D3-DDD97A306C01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl460c_g7_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD6302D-4BF0-4A64-881B-0B5C5086D4FB",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_g7_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A7BD10-3934-4E7C-B153-7B6339C3570F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl390s_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A77DD9F1-1568-4CB9-B841-F6987C299999",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl390s_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA397BC-0FA6-464B-A648-FF8C74FAE275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml110_g7_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2938429A-6286-40A5-BBF1-CD4AD6D0B535",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_g7_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81561975-6CBD-4DDF-B262-C831A1C2031A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml10_v2_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7349CE0F-EFA3-453D-B598-B9E1821EE8CC",
"versionEndExcluding": "2018.01.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml10_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1F7C21-F7F0-4F78-A5E3-66D4A2A26332",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl4545_g7_server_\\(amd\\)_firmware:2018.03.14\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B06F45C-DA96-4A3D-AF4F-40B5BE8DBFF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl4545_g7_server_\\(amd\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B788D58-F9F0-41DC-AB0A-66C430B0D178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_thin_micro_tm200_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "048C176D-2E47-43EE-B638-4CCABE48180A",
"versionEndExcluding": "2.56_01-22-2018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_thin_micro_tm200_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC08EE7-4FDF-4C0C-BC9B-48AB5380C479",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl380_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADDBDD94-7E9A-4906-8510-6BC3C8346806",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl380_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D219F98C-6D8C-406A-9DBF-6A1ECE655310",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl370_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "332F99B4-9F15-402B-BCFA-434B588FCCA4",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl370_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A25592AA-BBD2-44EC-97A0-8D511E0201C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl360_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E482101-23CA-4801-822A-66BE65A34B92",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl360_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E96E2150-40D6-4DAD-98CA-F25047249F6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl320_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FED0E7C-3A49-4EF1-807B-01E5A403B7F4",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl320_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EB4DA9-A2C1-43AA-A161-93A41837CFA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl180_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95C3E56E-63EC-437D-9C73-E1D4BE465476",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl180_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F192EA3-91B9-4648-8ECD-DF245AE81A54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl170h_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED740F5-91FD-4D1C-A7ED-4D0C62EFD461",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl170h_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49754DDA-CAAC-4C76-9C20-495F98F994EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl170e_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6CD4E7-81B6-4572-B5D3-4B8EA500A05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl170e_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2348506C-4019-411D-A36F-5E481EA7E1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl160_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1E8B1-52F7-490B-8155-AD69D95B6487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl160_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DEB7DF1-8D22-4429-86A8-9F5877B0F647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_dl120_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C269D689-ADE9-4E19-A6DE-37FE213DC411",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_dl120_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E98514-2A35-4718-978A-C4285C6C2462",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml370_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC1F9AF-38AF-4B5C-A3A5-0DB37868F04C",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml370_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "371C6BB8-7F59-420D-8479-E5F30F44201C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml350_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63032A5D-34D2-4A26-A17A-CA93C488BBD6",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml350_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D369D3B1-DE37-4973-B8A0-99730D936978",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml330_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC081CCB-618A-4149-A540-55F03C944B9E",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml330_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5F4884-47C0-4873-8ACF-69C5AC238A0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml150_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A18B64F-83B3-4770-A22A-CBE7958F0254",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml150_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88675F19-A88A-4684-B8C0-B9744BC6D324",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_ml110_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C9EA28-0964-4AF0-8B1D-B24E35C1DB00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_ml110_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01443673-B938-42F0-9FDE-6DADAA09E61F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl2x170z_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E87FCD-DE8B-47A3-87AE-424B64F830C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl2x170z_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3545C5AD-4807-4424-9AC6-4CCCF7A20EE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl490c_g6_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F458153-8F1F-43A5-AD92-50F5991B2A97",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl490c_g6_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E84AA5-D272-4F8B-A852-871DBF4AAA5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl460c_g6_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF94EC51-DB51-4203-BA8D-D6B032138789",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl460c_g6_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E4709-2425-4160-B3F6-3B757D16DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl170z_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D643F2F4-7827-48FE-BED7-BE63D67E5937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl170z_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5078FBF3-9420-496F-8333-C3776FFEA135",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_sl160s_g6_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EAA633-33BE-4C19-A952-9E10D6AC692B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_sl160s_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895CEDF9-13EF-4C1D-A25E-4E9DB3F65828",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl2x220c_g6_server_blade_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50376850-F87F-4293-B1D4-5EE973B8E5F9",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl2x220c_g6_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E1CE92-4196-42C7-A88C-C0E93D344C9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_bl280c_g6_server_bladefirmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "318196D6-690A-45F3-8FC2-9F9AC3ED9E4A",
"versionEndExcluding": "2018.05.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_bl280c_g6_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D07FCF0-E876-4F8C-A6D8-9393EFE40380",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action."
},
{
"lang": "es",
"value": "El instalador de firmware de Windows proporcionado por HPE para determinados servidores HPE Gen9, Gen8, G7y G6 HPE permite la divulgaci\u00f3n local de informaci\u00f3n privilegiada. Este problema se resolvi\u00f3 en las actualizaciones de firmware proporcionadas anteriormente de la siguiente manera. El instalador del firmware de HPE Windows se actualiz\u00f3 en las actualizaciones de la ROM del sistema, que tambi\u00e9n abordaban el conjunto original de vulnerabilidades de Spectre/Meltdown. En ese momento, el instalador del firmware de Windows tambi\u00e9n se actualiz\u00f3 en las versiones de HPE Integrated Lights-Out 2, 3 y 4 (iLO 2, 3 y 4) que aparecen en el bolet\u00edn de seguridad. El instalador actualizado del firmware de HPE Windows se public\u00f3 en la ROM del sistema y en las versiones de HPE Integrated Lights-Out (iLO) documentadas en boletines de seguridad de HPE anteriores: HPESBHF03805, HPESBHF03835, HPESBHF03831. Los sistemas basados en Windows que ya han sido actualizados a las versiones ROM o iLO del sistema descritas en estos boletines de seguridad no requieren ninguna otra acci\u00f3n."
}
],
"id": "CVE-2018-7112",
"lastModified": "2024-11-21T04:11:39.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-03T15:29:00.383",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041984"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-14 19:55
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_3_firmware | 1.00 | |
| hp | integrated_lights-out_3_firmware | 1.05 | |
| hp | integrated_lights-out_3_firmware | 1.20 | |
| hp | integrated_lights-out_3_firmware | 1.26 | |
| hp | integrated_lights-out_3_firmware | 1.28 | |
| hp | integrated_lights-out_3_firmware | 1.50 | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out_4_firmware | 1.11 | |
| hp | integrated_lights-out_4_firmware | 1.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8A8AC2-5764-4206-8D89-376E4311F257",
"versionEndIncluding": "1.55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9C400697-E7FB-4EF4-AF0A-060E2E4193C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2087DC1D-9290-4238-AFF7-1E59FAAACF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B05ECC-AA89-4594-8391-AEE5D52F93C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3E02AB-F3E9-4092-AECA-2F7F8FD87A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "457C1F21-3DAA-40E1-8D40-52E496AA7103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.50:*:*:*:*:*:*:*",
"matchCriteriaId": "4B404FDB-DBE5-41E9-9C09-F3DAC309F519",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2CDC3A7-2399-4847-9795-E6212CB42E62",
"versionEndIncluding": "1.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "75257143-4C7C-4F10-93D7-0422C519B74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "09EA57F3-95A0-4EBB-97AC-53F829064F5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP Integrated Lights-Out 3(aka iLO3) con firmware anterior a 1.57 (iLO4) con firmware anterior a 1.22, cuando se usa el Single-Sign-ON (SSO) permite a atacantes remotos ejecutar c\u00f3digo arbitrario de su elecci\u00f3n."
}
],
"id": "CVE-2013-2338",
"lastModified": "2024-11-21T01:51:29.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-14T19:55:01.140",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-29 13:14
Modified
2024-11-21 01:40
Severity ?
Summary
Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_3_firmware | 1.00 | |
| hp | integrated_lights-out_3_firmware | 1.05 | |
| hp | integrated_lights-out_3_firmware | 1.20 | |
| hp | integrated_lights-out_3_firmware | 1.26 | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out_4_firmware | 1.05 | |
| hp | integrated_lights-out_4_firmware | 1.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA03025-D892-4613-AD4A-0AA6656F3F79",
"versionEndIncluding": "1.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9C400697-E7FB-4EF4-AF0A-060E2E4193C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2087DC1D-9290-4238-AFF7-1E59FAAACF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B05ECC-AA89-4594-8391-AEE5D52F93C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3E02AB-F3E9-4092-AECA-2F7F8FD87A58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3478EDF-AFAF-4FCB-9083-B732515D5B8D",
"versionEndIncluding": "1.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2C01B4AC-F7A1-4D9B-990A-2B8DE03211B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0B4004-7C7B-423A-BDE4-58023E89F6E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el HP Integrated Lights-Out 3 (tambi\u00e9n conocido como iLO3) con firmware anterior a v1.50 e Integrated Lights-Out 4 (tambi\u00e9n conocido como iLO4) con firmware anterior a v1.13 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-3271",
"lastModified": "2024-11-21T01:40:33.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-29T13:14:37.227",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://secunia.com/advisories/51378"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/56597"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1027790"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80155"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-08 16:59
Modified
2024-11-21 02:51
Severity ?
Summary
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_3_firmware | 1.87 | |
| hp | integrated_lights-out_4_firmware | 2.43 | |
| hp | integrated_lights-out_4_mrca_firmware | 2.31 | |
| hp | integrated_lights-out_3 | - | |
| hp | integrated_lights-out_4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.87:*:*:*:*:*:*:*",
"matchCriteriaId": "1E74314B-307A-4F3B-A517-F02B74B32B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:2.43:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF64F5C-BA91-4D78-927C-5359F2A5D049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_mrca_firmware:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9B85C14E-6658-48F2-AAB7-EFA610CF2C14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A637F287-5A65-497B-8A28-647E774CF678",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EEB8DA-1CDD-428C-988C-249E2816F18C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en firmware HPE Integrated Lights-Out 3 (tambi\u00e9n conocido como iLO 3) en versiones anteriores a 1.88, firmware Integrated Lights-Out 4 (tambi\u00e9n conocido como iLO 4) en versiones anteriores a 2.44 y firmware mRCA Integrated Lights-Out 4 (tambi\u00e9n conocido como iLO 4) en versiones anteriores a 2.32 permite a atacantes remotos obtener informaci\u00f3n sensible, modificar datos o provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2016-4375",
"lastModified": "2024-11-21T02:51:58.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-08T16:59:00.143",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92484"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036629"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-06 20:29
Modified
2024-11-21 02:52
Severity ?
Summary
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/94426 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1037318 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05337025 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94426 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037318 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05337025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_3_firmware | * | |
| hp | integrated_lights-out_4_firmware | * | |
| hp | integrated_lights-out | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF0FE3A-AAF3-43DE-A7F5-73BABF7AFC04",
"versionEndExcluding": "1.88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEF91E1-574E-4E36-B3A0-9045C628F189",
"versionEndExcluding": "2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3BB462-1E25-4D84-ABC6-68F6762D719D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad remota de Cross-Site Scripting (XSS) en iLO 3 en todas las versiones anteriores a la v1.88 y HPE iLO 4 en todas las versiones anteriores a la v2.44."
}
],
"id": "CVE-2016-4406",
"lastModified": "2024-11-21T02:52:03.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-06T20:29:00.757",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94426"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037318"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-5435
Vulnerability from cvelistv5
Published
2015-09-29 00:00
Modified
2024-08-06 06:50
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10138 | x_refsource_CONFIRM | |
| http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1033660 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857"
},
{
"name": "1033660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033660"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857"
},
{
"name": "1033660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033660"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-5435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10138"
},
{
"name": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857",
"refsource": "CONFIRM",
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857"
},
{
"name": "1033660",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033660"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-5435",
"datePublished": "2015-09-29T00:00:00",
"dateReserved": "2015-07-07T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7093
Vulnerability from cvelistv5
Published
2018-08-14 14:00
Modified
2024-08-05 06:17
Severity ?
EPSS score ?
Summary
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041435 | vdb-entry, x_refsource_SECTRACK | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | iLO 5 for HPE Gen10 Servers, iLO 4, iLO 3, Moonshot Chassis Management Firmware, Moonshot Component Packs for HPE ProLiant m510 and m710x server cartridges |
Version: iLO 5 for HPE Gen10 Servers - Prior to v1.30, iLO 4 - Prior to v2.60, iLO 3 - Prior to v1.90, Moonshot Chassis Management Firmware - Prior to 1.58, Moonshot Component Packs - Prior to 2.55 for HPE ProLiant m510 and m710x server cartridges |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041435",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iLO 5 for HPE Gen10 Servers, iLO 4, iLO 3, Moonshot Chassis Management Firmware, Moonshot Component Packs for HPE ProLiant m510 and m710x server cartridges",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "iLO 5 for HPE Gen10 Servers - Prior to v1.30, iLO 4 - Prior to v2.60, iLO 3 - Prior to v1.90, Moonshot Chassis Management Firmware - Prior to 1.58, Moonshot Component Packs - Prior to 2.55 for HPE ProLiant m510 and m710x server cartridges"
}
]
}
],
"datePublic": "2018-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-15T09:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1041435",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iLO 5 for HPE Gen10 Servers, iLO 4, iLO 3, Moonshot Chassis Management Firmware, Moonshot Component Packs for HPE ProLiant m510 and m710x server cartridges",
"version": {
"version_data": [
{
"version_value": "iLO 5 for HPE Gen10 Servers - Prior to v1.30, iLO 4 - Prior to v2.60, iLO 3 - Prior to v1.90, Moonshot Chassis Management Firmware - Prior to 1.58, Moonshot Component Packs - Prior to 2.55 for HPE ProLiant m510 and m710x server cartridges"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041435",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041435"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2018-7093",
"datePublished": "2018-08-14T14:00:00",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-08-05T06:17:17.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11982
Vulnerability from cvelistv5
Published
2019-06-05 16:35
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE iLO4 and HPE iLO5 |
Version: iLO4 prior to v2.61b and iLO5 prior to v1.39 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE iLO4 and HPE iLO5",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "iLO4 prior to v2.61b and iLO5 prior to v1.39"
}
]
}
],
"datePublic": "2019-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cross site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:35:10",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-11982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE iLO4 and HPE iLO5",
"version": {
"version_data": [
{
"version_value": "iLO4 prior to v2.61b and iLO5 prior to v1.39"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-11982",
"datePublished": "2019-06-05T16:35:10",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-08-04T23:10:29.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2106
Vulnerability from cvelistv5
Published
2015-03-31 10:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id/1031974 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/73324 | vdb-entry, x_refsource_BID | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03276",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"name": "1031974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031974"
},
{
"name": "73324",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73324"
},
{
"name": "SSRT101886",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF03276",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"name": "1031974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031974"
},
{
"name": "73324",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73324"
},
{
"name": "SSRT101886",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03276",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
},
{
"name": "1031974",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031974"
},
{
"name": "73324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73324"
},
{
"name": "SSRT101886",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582368"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2106",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2338
Vulnerability from cvelistv5
Published
2013-06-14 19:00
Modified
2024-09-17 02:26
Severity ?
EPSS score ?
Summary
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02885",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"name": "SSRT101180",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-14T19:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02885",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"name": "SSRT101180",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02885",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
},
{
"name": "SSRT101180",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2338",
"datePublished": "2013-06-14T19:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T02:26:26.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7105
Vulnerability from cvelistv5
Published
2018-09-27 18:00
Modified
2024-08-05 06:17
Severity ?
EPSS score ?
Summary
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105425 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03866en_us | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041649 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3) |
Version: HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105425",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us"
},
{
"name": "1041649",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041649"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90"
}
]
}
],
"datePublic": "2018-09-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote execution of arbitrary code",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T17:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "105425",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us"
},
{
"name": "1041649",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041649"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 3 (iLO 3)",
"version": {
"version_data": [
{
"version_value": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote execution of arbitrary code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105425"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03866en_us"
},
{
"name": "1041649",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041649"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2018-7105",
"datePublished": "2018-09-27T18:00:00",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-08-05T06:17:17.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7101
Vulnerability from cvelistv5
Published
2018-09-27 18:00
Modified
2024-08-05 06:17
Severity ?
EPSS score ?
Summary
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041488 | vdb-entry, x_refsource_SECTRACK | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03875en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4) |
Version: iLO 4 prior to v2.26, iLO5 prior to v1.30 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041488",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041488"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "iLO 4 prior to v2.26, iLO5 prior to v1.30"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-28T09:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1041488",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041488"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "iLO 4 prior to v2.26, iLO5 prior to v1.30"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041488",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041488"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03875en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2018-7101",
"datePublished": "2018-09-27T18:00:00",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-08-05T06:17:17.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12542
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-17 01:55
Severity ?
EPSS score ?
Summary
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/100467 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039222 | vdb-entry, x_refsource_SECTRACK | |
| https://www.exploit-db.com/exploits/44005/ | exploit, x_refsource_EXPLOIT-DB | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | Integrated Lights-out 4 (iLO 4) |
Version: Prior to 2.53 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100467"
},
{
"name": "1039222",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039222"
},
{
"name": "44005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44005/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Integrated Lights-out 4 (iLO 4)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "Prior to 2.53"
}
]
}
],
"datePublic": "2017-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "authentication bypass and execution of code",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "100467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100467"
},
{
"name": "1039222",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039222"
},
{
"name": "44005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44005/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-08-24T00:00:00",
"ID": "CVE-2017-12542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Integrated Lights-out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "Prior to 2.53"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication bypass and execution of code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100467"
},
{
"name": "1039222",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039222"
},
{
"name": "44005",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44005/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12542",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-17T01:55:41.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4406
Vulnerability from cvelistv5
Published
2018-08-06 20:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05337025 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037318 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/94426 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | HP Integrated Lights-Out 3 (iLO 3), HPE Integrated Lights-Out 4 (iLO 4) |
Version: iLO 3 all version prior to v1.88,iLO 4 all versions prior to v2.44 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025"
},
{
"name": "1037318",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037318"
},
{
"name": "94426",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Integrated Lights-Out 3 (iLO 3), HPE Integrated Lights-Out 4 (iLO 4)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "iLO 3 all version prior to v1.88,iLO 4 all versions prior to v2.44"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cross site scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-07T09:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025"
},
{
"name": "1037318",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037318"
},
{
"name": "94426",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2016-4406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Integrated Lights-Out 3 (iLO 3), HPE Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "iLO 3 all version prior to v1.88,iLO 4 all versions prior to v2.44"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross site scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05337025"
},
{
"name": "1037318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037318"
},
{
"name": "94426",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-4406",
"datePublished": "2018-08-06T20:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7078
Vulnerability from cvelistv5
Published
2018-08-06 20:00
Modified
2024-08-05 06:17
Severity ?
EPSS score ?
Summary
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03844en_us | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041188 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) |
Version: iLO 4 earlier than version v2.60, iLO 5 earlier than version v1.30 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us"
},
{
"name": "1041188",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5)",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "iLO 4 earlier than version v2.60, iLO 5 earlier than version v1.30"
}
]
}
],
"datePublic": "2018-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-07T09:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us"
},
{
"name": "1041188",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5)",
"version": {
"version_data": [
{
"version_value": "iLO 4 earlier than version v2.60, iLO 5 earlier than version v1.30"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03844en_us"
},
{
"name": "1041188",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2018-7078",
"datePublished": "2018-08-06T20:00:00",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-08-05T06:17:17.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7112
Vulnerability from cvelistv5
Published
2018-12-03 15:00
Modified
2024-08-05 06:17
Severity ?
EPSS score ?
Summary
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041984 | vdb-entry, x_refsource_SECTRACK | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03805en_us | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03869en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | Windows firmware installer for Gen9, Gen8, G7,and G6 HPE servers |
Version: Only the Windows based firmware installers for the following products. HPE Integrated Lights-Out 2 (iLO 2) Firmware for ProLiant G6 Servers - Prior to v2.33, HPE Integrated Lights-Out 3 (iLO 3) Firmware for ProLiant G7 Servers - Prior to v1.90, HPE Integrated Lights-Out 4 (iLO 4) Firmware for ProLiant Gen8 Server firmwares - Prior to v2.60, HPE ProLiant XL750f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL740f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL730f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL450 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Special Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL260a Gen9 Server firmware - Prior to 1.60_01-22-2018(26 Feb 2018), HPE ProLiant XL250a Gen9 Server firmware - Prior to 2.56_01-22- ...[truncated*] |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Windows firmware installer for Gen9, Gen8, G7,and G6 HPE servers",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "Only the Windows based firmware installers for the following products. HPE Integrated Lights-Out 2 (iLO 2) Firmware for ProLiant G6 Servers - Prior to v2.33, HPE Integrated Lights-Out 3 (iLO 3) Firmware for ProLiant G7 Servers - Prior to v1.90, HPE Integrated Lights-Out 4 (iLO 4) Firmware for ProLiant Gen8 Server firmwares - Prior to v2.60, HPE ProLiant XL750f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL740f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL730f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL450 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Special Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL260a Gen9 Server firmware - Prior to 1.60_01-22-2018(26 Feb 2018), HPE ProLiant XL250a Gen9 Server firmware - Prior to 2.56_01-22- ...[truncated*]"
}
]
}
],
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local disclosure of privileged information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1041984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2018-7112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows firmware installer for Gen9, Gen8, G7,and G6 HPE servers",
"version": {
"version_data": [
{
"version_value": "Only the Windows based firmware installers for the following products. HPE Integrated Lights-Out 2 (iLO 2) Firmware for ProLiant G6 Servers - Prior to v2.33, HPE Integrated Lights-Out 3 (iLO 3) Firmware for ProLiant G7 Servers - Prior to v1.90, HPE Integrated Lights-Out 4 (iLO 4) Firmware for ProLiant Gen8 Server firmwares - Prior to v2.60, HPE ProLiant XL750f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL740f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL730f Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL450 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Special Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL260a Gen9 Server firmware - Prior to 1.60_01-22-2018(26 Feb 2018), HPE ProLiant XL250a Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL230a Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL190r Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant XL170r Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL560 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL380 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL360 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL180 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL160 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL120 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018). HPE ProLiant DL80 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL60 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL20 Gen9 Server firmware - Prior to 2.56_01-22-2018(27 Feb 2018), HPE ProLiant ML350 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML150 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML110 Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant ML30 Gen9 Server firmware - Prior to 2.56_01-22-2018(27 Feb 2018), HPE ProLiant ML10 Gen9 Server firmware - Prior to 2018.01.22(22 Mar 2018), HPE ProLiant BL660c Gen9 Server firmware - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant BL460c Gen9 Server firmware Blade - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant WS460c Gen9 Workstation - Prior to 2.56_01-22-2018(23 Feb 2018), HPE ProLiant DL380e Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL360p Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL360e Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL320e Gen8 Server firmware - Prior to 2018.01.22(5 Mar 2018), HPE ProLiant DL320e Gen8 v2 Server firmware - Prior to 2018.01.22(23 Feb 2018), HPE ProLiant DL160 Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL250s Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL210t Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL660c Gen8 Server firmware Blade - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL465c Gen8 (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant BL460c Gen8 Server firmware Blade - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant BL420c Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL4540 Gen8 1 Node Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant SL270s Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL580 Gen8 Server firmware - Prior to 2.00_02-22-2018(2 Mar 2018), HPE ProLiant DL560 Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL380p Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant DL385p Gen8 (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant ML350e Gen8 v2 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant ML350e Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018), HPE ProLiant ML350p Gen8 Server firmware - Prior to 2018.01.22(2 Mar 2018),HPE ProLiant ML310e Gen8 v2 Server firmware - Prior to 2018.01.22(23 Feb 2018), HPE ProLiant ML310e Gen8 Server firmware - Prior to 2018.01.22(5 Mar 2018), HPE ProLiant MicroServer Gen8 - Prior to 2018.01.22(5 Mar 2018), HPE ProLiant m710 Server Cartridge firmware - Prior to 2018.01.22(24 Feb 2018), HPE ProLiant m710p Server Cartridge firmware - Prior to 2018.01.22(24 Feb 2018), HPE ProLiant m710x Server Cartridge firmware - Prior to 1.64_01-22-2018(27 Feb 2018), HPE ProLiant m510 Server Cartridge firmware - Prior to 1.64_01-22-2018(27 Feb 2018), HPE ProLiant m350 Server Cartridge firmware - Prior to 2018.01.22(27 Feb 2018), HPE ProLiant m300 Server Cartridge firmware - Prior to 2018.01.22(27 Feb 2018), HPE ProLiant BL2x220c G7 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL980 G7 Server firmware - Prior to 2018.05.21(11 Jul 2018), HPE ProLiant DL585 G7 Server firmware (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant DL580 G7 Server firmware - Prior to 2018.05.21(11 Jul 2018), HPE ProLiant DL385 G7 Server firmware - Prior to 2018.03.14(20 Apr 2018), HPE ProLiant DL380 G7 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL120 G7 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL360 G7 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant BL685c G7 Server firmware Blade (AMD) - Prior to 2018.03.14(12 Apr 2018), HPE ProLiant BL680c G7 Server firmware Blade - Prior to 2018.05.21(11 Jul 2018), HPE ProLiant BL620c G7 Server firmware Blade - Prior to 2018.05.21(11 Jul 2018), HPE ProLiant BL490c G7 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant BL465c G7 Server Blade firmware - Prior to 2018.03.14(20 Apr 2018), HPE ProLiant BL460c G7 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant SL390s G7 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant ML110 G7 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant ML10 v2 Server firmware - Prior to 2018.01.22(23 Feb 2018), HPE ProLiant SL4545 G7 Server firmware (AMD) - Prior to 2018.03.14(A)(12 Apr 2018), HPE ProLiant Thin Micro TM200 Server firmware - Prior to 2.56_01-22-2018(27 Feb 2018), HPE ProLiant DL380 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL370 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL360 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL320 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant DL180 G6 Server No microcode patch provided, HPE ProLiant DL170h G6 Server No microcode patch provided, HPE ProLiant DL170e G6 Server No microcode patch provided, HPE ProLiant DL160 G6 Server No microcode patch provided, HPE ProLiant DL120 G6 Server No microcode patch provided, HPE ProLiant ML370 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant ML350 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant ML330 G6 Server firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant ML150 G6 Server firmware No microcode patch provided, HPE ProLiant ML110 G6 Server firmware No microcode patch provided, HPE ProLiant SL2x170z G6 Server firmware No microcode patch provided, HPE ProLiant BL490c G6 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant BL460c G6 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant SL170z G6 Server firmware No microcode patch provided, HPE ProLiant SL160s G6 Server firmware No microcode patch provided, HPE ProLiant BL2x220c G6 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018), HPE ProLiant BL280c G6 Server Blade firmware - Prior to 2018.05.21(2 Jul 2018)"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local disclosure of privileged information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041984",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041984"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03805en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03835en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03869en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2018-7112",
"datePublished": "2018-12-03T15:00:00",
"dateReserved": "2018-02-15T00:00:00",
"dateUpdated": "2024-08-05T06:17:17.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3271
Vulnerability from cvelistv5
Published
2012-11-29 11:00
Modified
2024-08-06 19:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/56597 | vdb-entry, x_refsource_BID | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413 | vendor-advisory, x_refsource_HP | |
| http://secunia.com/advisories/51378 | third-party-advisory, x_refsource_SECUNIA | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id?1027790 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/80155 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56597"
},
{
"name": "HPSBHF02821",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "51378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51378"
},
{
"name": "SSRT100934",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "1027790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027790"
},
{
"name": "hp-integrated-lights-info-disc(80155)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "56597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56597"
},
{
"name": "HPSBHF02821",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "51378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51378"
},
{
"name": "SSRT100934",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "1027790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027790"
},
{
"name": "hp-integrated-lights-info-disc(80155)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-3271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56597"
},
{
"name": "HPSBHF02821",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "51378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51378"
},
{
"name": "SSRT100934",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03515413"
},
{
"name": "1027790",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027790"
},
{
"name": "hp-integrated-lights-info-disc(80155)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-3271",
"datePublished": "2012-11-29T11:00:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4375
Vulnerability from cvelistv5
Published
2016-09-08 16:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036629 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92484 | vdb-entry, x_refsource_BID | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036629",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036629"
},
{
"name": "92484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036629",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036629"
},
{
"name": "92484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036629",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036629"
},
{
"name": "92484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92484"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4375",
"datePublished": "2016-09-08T16:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11983
Vulnerability from cvelistv5
Published
2019-06-05 16:36
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HPE iLO4 and HPE iLO5 |
Version: iLO4 prior to v2.61b and iLO5 prior to v1.39 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:29.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE iLO4 and HPE iLO5",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "iLO4 prior to v2.61b and iLO5 prior to v1.39"
}
]
}
],
"datePublic": "2019-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:36:07",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2019-11983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE iLO4 and HPE iLO5",
"version": {
"version_data": [
{
"version_value": "iLO4 prior to v2.61b and iLO5 prior to v1.39"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03917en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2019-11983",
"datePublished": "2019-06-05T16:36:07",
"dateReserved": "2019-05-13T00:00:00",
"dateUpdated": "2024-08-04T23:10:29.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7876
Vulnerability from cvelistv5
Published
2015-03-31 10:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1031972 | vdb-entry, x_refsource_SECTRACK | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:27.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031972",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031972"
},
{
"name": "SSRT101745",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"name": "HPSBHF03151",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-01T13:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1031972",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031972"
},
{
"name": "SSRT101745",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"name": "HPSBHF03151",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-7876",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031972",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031972"
},
{
"name": "SSRT101745",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
},
{
"name": "HPSBHF03151",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04486432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2014-7876",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2014-10-06T00:00:00",
"dateUpdated": "2024-08-06T13:03:27.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12543
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-17 02:26
Severity ?
EPSS score ?
Summary
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101944 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | Integrated Lights-Out 4 |
Version: Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us"
},
{
"name": "101944",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Integrated Lights-Out 4",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30"
}
]
}
],
"datePublic": "2017-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us"
},
{
"name": "101944",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-08-24T00:00:00",
"ID": "CVE-2017-12543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Integrated Lights-Out 4",
"version": {
"version_data": [
{
"version_value": "Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us"
},
{
"name": "101944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12543",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-17T02:26:56.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}