Search criteria
18 vulnerabilities found for integrated_lights-out_firmware by hp
FKIE_CVE-2023-28092
Vulnerability from fkie_nvd - Published: 2023-05-01 15:15 - Updated: 2024-11-21 07:54
Severity ?
6.1 (Medium) - CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | 1.05 | |
| hp | integrated_lights-out | 6 | |
| hp | proliant_rl300_firmware | 1.12 | |
| hp | proliant_rl300 | gen_11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "669BABDD-65EC-44AB-833C-AFF4224EB356",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out:6:*:*:*:*:*:*:*",
"matchCriteriaId": "F211ABF9-9617-43CF-9DC5-E46CB0518B7E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:proliant_rl300_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCE84C1-7EF8-4460-8417-A1A769933E41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:proliant_rl300:gen_11:*:*:*:*:*:*:*",
"matchCriteriaId": "4E35165C-B5B8-47E2-829C-AE0187F3BBE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\n\n"
}
],
"id": "CVE-2023-28092",
"lastModified": "2024-11-21T07:54:23.150",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.3,
"impactScore": 5.3,
"source": "security-alert@hpe.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-01T15:15:09.357",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-5436
Vulnerability from fkie_nvd - Published: 2017-05-11 14:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | * | |
| hp | integrated_lights-out_4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "652B9F99-3C89-42F7-A194-E1AC82B57CCF",
"versionEndExcluding": "2.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EEB8DA-1CDD-428C-988C-249E2816F18C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020."
},
{
"lang": "es",
"value": "Se ha identificado una posible vulnerabilidad de seguridad con el firmware HP Integrated Lights-Out 4 (iLO 4) versi\u00f3n 2.11 y posterior, pero anterior a la versi\u00f3n 2.30. La vulnerabilidad podr\u00eda explotarse a distancia, lo que dar\u00eda lugar a una denegaci\u00f3n de servicio (DoS). Note que esto fue publicado originalmente en 2015, sin embargo la entrada CVE fue a\u00f1adida en 2020"
}
],
"id": "CVE-2015-5436",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-11T14:29:46.997",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4842
Vulnerability from fkie_nvd - Published: 2013-11-18 03:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | * | |
| hp | integrated_lights-out_firmware | 1.10 | |
| hp | integrated_lights-out_firmware | 1.15 | |
| hp | integrated_lights-out_firmware | 1.15a | |
| hp | integrated_lights-out_firmware | 1.16a | |
| hp | integrated_lights-out_firmware | 1.20a | |
| hp | integrated_lights-out_firmware | 1.26a | |
| hp | integrated_lights-out_4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17EDFBC8-40D5-405F-9E53-45D39AFD06AF",
"versionEndIncluding": "1.27a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B75737-F8DF-4467-87E6-B3D7D296AF69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE41EB1-8AAE-40F8-A7C0-703283020F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15a:*:*:*:*:*:*:*",
"matchCriteriaId": "223798D1-6965-4EBF-B731-0AADBC853752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.16a:*:*:*:*:*:*:*",
"matchCriteriaId": "03B3C027-295A-4E8D-AC99-89B1DBC9937E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "859702BA-314B-4BC4-8CA6-1432E8831B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.26a:*:*:*:*:*:*:*",
"matchCriteriaId": "58207045-31FF-4B78-832D-A47F49743529",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EEB8DA-1CDD-428C-988C-249E2816F18C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en HP Integrated Lights-Out 4 (iLO4) con firmware anterior a la versi\u00f3n 1.32 permite a atacantes remotos inyectar script web arbitrario o HTML a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-4842",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-18T03:55:05.883",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4843
Vulnerability from fkie_nvd - Published: 2013-11-18 03:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | * | |
| hp | integrated_lights-out_firmware | 1.10 | |
| hp | integrated_lights-out_firmware | 1.15 | |
| hp | integrated_lights-out_firmware | 1.15a | |
| hp | integrated_lights-out_firmware | 1.16a | |
| hp | integrated_lights-out_firmware | 1.20a | |
| hp | integrated_lights-out_firmware | 1.26a | |
| hp | integrated_lights-out_4 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17EDFBC8-40D5-405F-9E53-45D39AFD06AF",
"versionEndIncluding": "1.27a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B75737-F8DF-4467-87E6-B3D7D296AF69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE41EB1-8AAE-40F8-A7C0-703283020F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15a:*:*:*:*:*:*:*",
"matchCriteriaId": "223798D1-6965-4EBF-B731-0AADBC853752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.16a:*:*:*:*:*:*:*",
"matchCriteriaId": "03B3C027-295A-4E8D-AC99-89B1DBC9937E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "859702BA-314B-4BC4-8CA6-1432E8831B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.26a:*:*:*:*:*:*:*",
"matchCriteriaId": "58207045-31FF-4B78-832D-A47F49743529",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EEB8DA-1CDD-428C-988C-249E2816F18C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP Integrated Lights-Out 4 (iLO4) con el firmware anterior a 1.32 que permite a usuarios autenticados remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-4843",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-18T03:55:05.913",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4805
Vulnerability from fkie_nvd - Published: 2013-08-05 13:22 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | * | |
| hp | integrated_lights-out_firmware | 1.10 | |
| hp | integrated_lights-out_firmware | 1.15 | |
| hp | integrated_lights-out_firmware | 1.15a | |
| hp | integrated_lights-out_firmware | 1.16a | |
| hp | integrated_lights-out_firmware | 1.20a | |
| hp | integrated_lights-out_firmware | 1.26a | |
| hp | integrated_lights-out_firmware | 1.27a | |
| hp | integrated_lights-out_firmware | 1.40a | |
| hp | integrated_lights-out_firmware | 1.41a | |
| hp | integrated_lights-out_firmware | 1.42a | |
| hp | integrated_lights-out_firmware | 1.50 | |
| hp | integrated_lights-out_firmware | 1.50a |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21040F4F-4DE7-406F-8220-5B7524B22494",
"versionEndIncluding": "1.51a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B75737-F8DF-4467-87E6-B3D7D296AF69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE41EB1-8AAE-40F8-A7C0-703283020F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15a:*:*:*:*:*:*:*",
"matchCriteriaId": "223798D1-6965-4EBF-B731-0AADBC853752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.16a:*:*:*:*:*:*:*",
"matchCriteriaId": "03B3C027-295A-4E8D-AC99-89B1DBC9937E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "859702BA-314B-4BC4-8CA6-1432E8831B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.26a:*:*:*:*:*:*:*",
"matchCriteriaId": "58207045-31FF-4B78-832D-A47F49743529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.27a:*:*:*:*:*:*:*",
"matchCriteriaId": "B378215E-CBEA-4C5B-8BBE-44B8EBA09DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.40a:*:*:*:*:*:*:*",
"matchCriteriaId": "F5066B1C-C809-4547-9E48-4E4822E8B91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.41a:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCFA86E-B3F6-4E71-ABC8-75783EBC8817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.42a:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6ED7F5-C616-4FDD-9D36-697F19A0BE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D69393F4-139D-47E3-9125-D8633B192C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.50a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4397221-10C5-46E8-93A5-17497C5F82DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP Integrated Lights-Out 3 (tambi\u00e9n conocido como iLO3) firmware anterior a v1.60 y 4 (tambi\u00e9n conocido como iLO4) firmware anterior a v1.30, permite a atacantes remotos evitar la autenticaci\u00f3n a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-4805",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-05T13:22:48.160",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/61556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61556"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0525
Vulnerability from fkie_nvd - Published: 2004-08-06 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | integrated_lights-out_firmware | 1.6a | |
| hp | integrated_lights-out_firmware | 1.10 | |
| hp | integrated_lights-out_firmware | 1.15 | |
| hp | integrated_lights-out_firmware | 1.15a | |
| hp | integrated_lights-out_firmware | 1.16a | |
| hp | integrated_lights-out_firmware | 1.20a | |
| hp | integrated_lights-out_firmware | 1.26a | |
| hp | integrated_lights-out_firmware | 1.27a | |
| hp | integrated_lights-out_firmware | 1.40a | |
| hp | integrated_lights-out_firmware | 1.41a | |
| hp | integrated_lights-out_firmware | 1.42a | |
| hp | integrated_lights-out_firmware | 1.50 | |
| hp | integrated_lights-out_firmware | 1.50a | |
| hp | integrated_lights-out_firmware | 1.51a |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB1F11C-1449-46A9-84E5-279ABFF4BD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B75737-F8DF-4467-87E6-B3D7D296AF69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE41EB1-8AAE-40F8-A7C0-703283020F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.15a:*:*:*:*:*:*:*",
"matchCriteriaId": "223798D1-6965-4EBF-B731-0AADBC853752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.16a:*:*:*:*:*:*:*",
"matchCriteriaId": "03B3C027-295A-4E8D-AC99-89B1DBC9937E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "859702BA-314B-4BC4-8CA6-1432E8831B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.26a:*:*:*:*:*:*:*",
"matchCriteriaId": "58207045-31FF-4B78-832D-A47F49743529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.27a:*:*:*:*:*:*:*",
"matchCriteriaId": "B378215E-CBEA-4C5B-8BBE-44B8EBA09DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.40a:*:*:*:*:*:*:*",
"matchCriteriaId": "F5066B1C-C809-4547-9E48-4E4822E8B91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.41a:*:*:*:*:*:*:*",
"matchCriteriaId": "5CCFA86E-B3F6-4E71-ABC8-75783EBC8817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.42a:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6ED7F5-C616-4FDD-9D36-697F19A0BE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D69393F4-139D-47E3-9125-D8633B192C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.50a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4397221-10C5-46E8-93A5-17497C5F82DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:integrated_lights-out_firmware:1.51a:*:*:*:*:*:*:*",
"matchCriteriaId": "110526DD-CD4A-44FB-B7BC-7B75655AE65E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero."
},
{
"lang": "es",
"value": "HP Integrated Lights-Out (iLO) 1.10 y otras versiones anteriores a 1.55 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) accediendo a iLO usando el puerto reservado TCP cero."
}
],
"id": "CVE-2004-0525",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-28092 (GCVE-0-2023-28092)
Vulnerability from cvelistv5 – Published: 2023-05-01 14:10 – Updated: 2025-01-30 15:58
VLAI?
Summary
A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.
Severity ?
6.1 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE ProLiant RL300 Gen11 |
Affected:
System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T15:58:38.994380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:58:47.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE ProLiant RL300 Gen11",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\u003c/p\u003e"
}
],
"value": "A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-01T14:46:03.772Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2023-28092",
"datePublished": "2023-05-01T14:10:19.471Z",
"dateReserved": "2023-03-10T14:47:44.212Z",
"dateUpdated": "2025-01-30T15:58:47.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5436 (GCVE-0-2015-5436)
Vulnerability from cvelistv5 – Published: 2017-05-11 14:01 – Updated: 2024-08-06 06:50
VLAI?
Summary
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
Severity ?
No CVSS data available.
CWE
- emote Denial of Service (DoS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Integrated Lights-Out 4 (iLO 4) |
Affected:
firmware version 2.11 and later, but prior to version 2.30
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Integrated Lights-Out 4 (iLO 4) ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "firmware version 2.11 and later, but prior to version 2.30"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "emote Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-23T19:23:21",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-5436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Integrated Lights-Out 4 (iLO 4) ",
"version": {
"version_data": [
{
"version_value": "firmware version 2.11 and later, but prior to version 2.30"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "emote Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-5436",
"datePublished": "2017-05-11T14:01:00",
"dateReserved": "2015-07-07T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4843 (GCVE-0-2013-4843)
Vulnerability from cvelistv5 – Published: 2013-11-16 02:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4843",
"datePublished": "2013-11-16T02:00:00Z",
"dateReserved": "2013-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T21:08:14.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4842 (GCVE-0-2013-4842)
Vulnerability from cvelistv5 – Published: 2013-11-16 02:00 – Updated: 2024-09-16 19:25
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4842",
"datePublished": "2013-11-16T02:00:00Z",
"dateReserved": "2013-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T19:25:11.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4805 (GCVE-0-2013-4805)
Vulnerability from cvelistv5 – Published: 2013-08-03 01:00 – Updated: 2024-08-06 16:52
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T09:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "61556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"refsource": "HP",
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"refsource": "HP",
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4805",
"datePublished": "2013-08-03T01:00:00",
"dateReserved": "2013-07-12T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0525 (GCVE-0-2004-0525)
Vulnerability from cvelistv5 – Published: 2004-06-08 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"refsource": "HP",
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0525",
"datePublished": "2004-06-08T04:00:00",
"dateReserved": "2004-06-03T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28092 (GCVE-0-2023-28092)
Vulnerability from nvd – Published: 2023-05-01 14:10 – Updated: 2025-01-30 15:58
VLAI?
Summary
A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.
Severity ?
6.1 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE ProLiant RL300 Gen11 |
Affected:
System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T15:58:38.994380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:58:47.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE ProLiant RL300 Gen11",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\u003c/p\u003e"
}
],
"value": "A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-01T14:46:03.772Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04472en_us"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2023-28092",
"datePublished": "2023-05-01T14:10:19.471Z",
"dateReserved": "2023-03-10T14:47:44.212Z",
"dateUpdated": "2025-01-30T15:58:47.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5436 (GCVE-0-2015-5436)
Vulnerability from nvd – Published: 2017-05-11 14:01 – Updated: 2024-08-06 06:50
VLAI?
Summary
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
Severity ?
No CVSS data available.
CWE
- emote Denial of Service (DoS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Integrated Lights-Out 4 (iLO 4) |
Affected:
firmware version 2.11 and later, but prior to version 2.30
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Integrated Lights-Out 4 (iLO 4) ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "firmware version 2.11 and later, but prior to version 2.30"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "emote Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-23T19:23:21",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-5436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Integrated Lights-Out 4 (iLO 4) ",
"version": {
"version_data": [
{
"version_value": "firmware version 2.11 and later, but prior to version 2.30"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "emote Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-5436",
"datePublished": "2017-05-11T14:01:00",
"dateReserved": "2015-07-07T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4843 (GCVE-0-2013-4843)
Vulnerability from nvd – Published: 2013-11-16 02:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4843",
"datePublished": "2013-11-16T02:00:00Z",
"dateReserved": "2013-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T21:08:14.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4842 (GCVE-0-2013-4842)
Vulnerability from nvd – Published: 2013-11-16 02:00 – Updated: 2024-09-16 19:25
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4842",
"datePublished": "2013-11-16T02:00:00Z",
"dateReserved": "2013-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T19:25:11.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4805 (GCVE-0-2013-4805)
Vulnerability from nvd – Published: 2013-08-03 01:00 – Updated: 2024-08-06 16:52
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T09:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "61556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61556"
},
{
"name": "HPSBMU02902",
"refsource": "HP",
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
},
{
"name": "SSRT101250",
"refsource": "HP",
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4805",
"datePublished": "2013-08-03T01:00:00",
"dateReserved": "2013-07-12T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0525 (GCVE-0-2004-0525)
Vulnerability from nvd – Published: 2004-06-08 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10415"
},
{
"name": "ilo-port-zero-dos(16251)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16251"
},
{
"name": "SSRT4724",
"refsource": "HP",
"url": "http://seclists.org/lists/bugtraq/2004/May/0281.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0525",
"datePublished": "2004-06-08T04:00:00",
"dateReserved": "2004-06-03T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}