FKIE_CVE-2022-23704

Vulnerability from fkie_nvd - Published: 2022-05-09 21:15 - Updated: 2024-11-21 06:49
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.
References
security-alert@hpe.comhttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_usVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_usVendor Advisory
Impacted products
Vendor Product Version
hp integrated_lights-out_4 *
hpe apollo_4200_gen9_server -
hpe proliant_bl420c_gen8_server -
hpe proliant_bl460c_gen8_server_blade -
hpe proliant_bl460c_gen9_server_blade -
hpe proliant_bl465c_gen8_server_blade -
hpe proliant_bl660c_gen8_server_blade -
hpe proliant_bl660c_gen9_server -
hpe proliant_dl120_gen9_server -
hpe proliant_dl160_gen8_server -
hpe proliant_dl160_gen9_server -
hpe proliant_dl180_gen9_server -
hpe proliant_dl20_gen9_server -
hpe proliant_dl320e_gen8_server -
hpe proliant_dl320e_gen8_v2_server -
hpe proliant_dl360_gen9_server -
hpe proliant_dl360e_gen8_server -
hpe proliant_dl360p_gen8_server -
hpe proliant_dl380_gen9_server -
hpe proliant_dl380e_gen8_server -
hpe proliant_dl380p_gen8_server -
hpe proliant_dl385p_gen8 -
hpe proliant_dl560_gen8_server -
hpe proliant_dl560_gen9_server -
hpe proliant_dl580_gen8_server -
hpe proliant_dl580_gen9_server -
hpe proliant_dl60_gen9_server -
hpe proliant_dl80_gen9_server -
hpe proliant_ec200a_server -
hpe proliant_microserver_gen8 -
hpe proliant_ml110_gen9_server -
hpe proliant_ml150_gen9_server -
hpe proliant_ml30_gen9_server -
hpe proliant_ml310e_gen8_server -
hpe proliant_ml310e_gen8_v2_server -
hpe proliant_ml350_gen9_server -
hpe proliant_ml350e_gen8_v2_server -
hpe proliant_ml350p_gen8_server -
hpe proliant_sl210t_gen8_server -
hpe proliant_sl230s_gen8_server -
hpe proliant_sl250s_gen8_server -
hpe proliant_sl270s_gen8_se_server -
hpe proliant_sl270s_gen8_server -
hpe proliant_sl4540_gen8_1_node_server -
hpe proliant_ws460c_gen8_graphics_server_blade -
hpe proliant_ws460c_gen9_graphics_server_blade -
hpe proliant_xl170r_gen9_server -
hpe proliant_xl190r_gen9_server -
hpe proliant_xl220a_gen8_v2_server -
hpe proliant_xl230a_gen9_server -
hpe proliant_xl250a_gen9_server -
hpe proliant_xl450_gen9_server -
hpe proliant_xl730f_gen9_server -
hpe proliant_xl740f_gen9_server -
hpe proliant_xl750f_gen9_server -
hpe synergy_480_gen9_compute_module -
hpe synergy_620_gen9_compute_module -
hpe synergy_660_gen9_compute_module -
hpe synergy_680_gen9_compute_module -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97149F-4E5A-4E25-9FEC-5E1610E714A1",
              "versionEndExcluding": "2.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20D38E9-B2EA-4ECC-B9EC-D29BB249AC77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl420c_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3C760C-2DAF-45CE-972B-B86D963B16BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen8_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B110E689-1823-42D6-91E6-81115A2CB048",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D230E7A-D852-4040-83CF-164AA3233F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl465c_gen8_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C786E99-CDC8-4265-A05B-931602A4E10B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen8_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91276F1E-6475-479D-857C-689E210116B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E685C0-E20A-4E95-A76F-8D18AF92C0F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B65F98-15A8-48FA-A836-97430AF183EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "346996C3-E131-4BE0-9261-E32D0567F795",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD90B1-F95C-4A74-AAD5-684C0E0DCBC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E4F18F-55E2-4829-A1EF-881D06CC5481",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31223B01-2107-479B-AC77-1C31BBE2F96C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl320e_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51593FEE-B2A5-4642-8A3B-F0A7D85475AA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl320e_gen8_v2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED8AE8A0-82CF-47E9-99F7-FFF1EF632C90",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "34A65EC0-14C7-4838-913D-8EF11144A85B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFFBB73F-EAF7-47A2-BD06-FC31172E05B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47779C63-CDE4-4BE6-96BA-CBD118E027ED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F6D2D0-482F-4B2F-AF78-82BC56704E8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D81703-DB67-4650-959B-8787ED450AE3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE425FF-B87E-40D6-A85F-7740418B3A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl385p_gen8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD391773-8FB9-429A-84B3-7DC084AFFD8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CED1122-4927-4665-8D6B-A6C986ED6252",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2068295-B73A-4C01-8351-C2D8B957845B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "407DB236-65BF-4B41-9C75-4D5BC246A905",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3EB6796-FE83-42EB-84FF-F405289EE0B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F7E5C6-201B-4268-9CA7-13BBA1E74DF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF640F8-B432-40DA-93C8-77D8351CB390",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ec200a_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A450C2D-76BE-4192-A913-0B46EC7EA51D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_microserver_gen8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDDEC65-E89C-47CA-9716-F4EB936ADE9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3268D0-1F66-47BA-972C-21E809DC2F2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2703B986-0709-4D89-8CAF-7C3FB63D7D3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9E7C549-3A1B-40DE-A1FC-0BC62040E4C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7791C8B1-D949-4AEE-8BC5-40FECA8FBC7A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml310e_gen8_v2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA3BC52-96CB-4F52-87BC-3E6DF13BD654",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BB05A81-BDF5-4D6C-B9E3-1894703F1CC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml350e_gen8_v2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3F92AE-CE88-4C38-AC00-6B56198D57F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB075F0-2825-43F5-BA0A-8348A082580C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl210t_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74F537C3-16DE-4F0C-9C38-6EE9504F841F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6795F47-30A0-4433-96FD-808AAF536F45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "533312DC-3EB0-4F15-B7A6-BFCE5CFABC6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl270s_gen8_se_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5067AA37-ED79-403B-953E-8EC4807A7067",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "361590CD-06A8-4BDF-9C24-053F31468A53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_sl4540_gen8_1_node_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8687283-2061-4D3C-99E5-CB920347413A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD07DCA-B8AF-409F-A902-AE66CB450152",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66E10A5D-7C64-460A-9DBE-E5BCBBFDE6C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58AE85AC-1062-42E2-8142-9BC754D51035",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49BA2C97-7AAB-4A55-B487-522715BDC80C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl220a_gen8_v2_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "056D1649-1670-465D-9E48-292B3F451521",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA80708D-3219-4D54-B167-105DDEC5B85D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E62FEEB-A62D-42F4-A713-4CEAFF9B158E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CEE8B85-1F21-418F-B2D3-90151F6423BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C838C36-FFF2-4C90-8BF1-21984D6C9C88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4EBB97C-4A68-4276-BFF2-93D58F6F1CA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "425FCBD4-A94B-4AE5-B002-258CE1FE97FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BE9486-493D-495E-8CFA-1E79FE57457C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "789F7158-51DE-4344-BD8A-1249BFE0158B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0163D6F2-5E24-4741-BEF3-7B671A10CA08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CBAD3B0-D47D-4E05-96D1-28A989E118CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una posible vulnerabilidad de seguridad en Integrated Lights-Out 4 (iLO 4). La vulnerabilidad podr\u00eda permitir una Denegaci\u00f3n de Servicio remota. La vulnerabilidad ha sido resuelta en Integrated Lights-Out 4 (iLO 4) versiones 2.80 y posteriores"
    }
  ],
  "id": "CVE-2022-23704",
  "lastModified": "2024-11-21T06:49:08.550",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-09T21:15:08.047",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.