FKIE_CVE-2022-28632
Vulnerability from fkie_nvd - Published: 2022-08-12 15:15 - Updated: 2024-11-21 06:57
Severity: 8.8 HIGH (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, primary score from nvd@nist.gov)
Summary
A potential arbitrary code execution vulnerability and a denial of service (DoS) vulnerability, both within an isolated process, were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware versions prior to 2.71. An unprivileged user on an adjacent network could exploit this vulnerability to potentially execute arbitrary code in an isolated process, resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit the denial of service (DoS) vulnerability in an isolated process, resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50DE87E4-C7BA-45DF-A8D2-82278A87ECEA",
"versionEndExcluding": "2.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03743177-70D4-442B-B59F-43912385CC83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB818A6-80D5-4DD7-8E0D-EC25764A0693",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25418088-0890-401E-837C-611154B2C433",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_6500_gen10_plus_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1480B92-9A59-4675-B2DF-6DAE385927B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_6500_gen10_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC09C72C-0BD3-4DB1-96C6-72F2330D4165",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_n2600_gen10_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB23B5E3-887B-41C8-B83E-0203BEC9DDB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_n2800_gen10_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A5C2F7-66E1-483F-95E7-D51C6D32E7CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_r2600_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A478D98-EE4E-45ED-A257-F154693E6FB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:apollo_r2800_gen10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAC257C-8594-454D-BA28-5D98F03AF3EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:edgeline_e920_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB4D5F2-2E5C-4191-ACA0-D086E08FFDA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:edgeline_e920d_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC36ED1-D392-4DC6-B3E0-99A821705AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:edgeline_e920t_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0ACC75-47E9-439A-9338-170478FB326F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C25FD273-0E16-4975-985C-8BD96AE0D449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl110_gen10_plus_telco_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "554BD1A9-19DC-40E7-875F-2C6091CDC904",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5876FB45-B037-4355-BAE9-69157FD0A402",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C77CAF-0A18-4447-93BD-C64595475E37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08D81BA5-E5D8-4D42-8C42-A91063008359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl20_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA978EC2-6027-4605-BECC-68B4682DB5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B15D52EA-CE63-47AF-993D-265163B5B38E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F98CB6-3933-4425-A7E9-542AB764C8C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl325_gen10_plus_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A91E7E91-BED2-4CFE-AB7A-8537F1A589C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93765BE7-D8C2-48C8-9ADA-A7C36B993D95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl345_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE801CF-95AB-409A-8063-9525FC1A3BF1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A540039-4339-44CE-92AD-83B80928FC81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD08B95A-240C-436E-91B5-2D594F6F1F07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl365_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7151CE9-BAD2-47B8-9283-5BEB53C93D98",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E27B2E8E-1F1D-4397-BE33-80755D6BE56C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8545248A-2943-4B8D-A295-BE7D43492BC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00B032E4-9663-4525-ACC4-217B5E266124",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl385_gen10_plus_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61758FDD-0744-4207-950E-D11717E9E5D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3845235-CAFC-4FB3-AB26-F0E8A8815F88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8389F7F-7653-4695-91CC-DCFACC870094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419470B4-80EF-46BF-8DB4-6569D3E8435F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7591DA99-B0CA-4A23-A8C5-C6D9084C2329",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1642BAB-2EC5-4E89-86DE-7B9BECA4F6CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx220n_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D176EE5-FDE7-475B-802A-AFD21A9F6E87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx325_gen10_plus_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18B76D60-5493-4959-A85E-91C1D810365F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx360_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D9CF07-D08E-4B36-B25D-1011AF0463DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26D8AA54-634D-4870-AC5E-BD8F70EDB83D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx380_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8464FB6E-5744-44B7-BD1F-87D8F382A30B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C8768C-5E7D-4C11-8C49-182CC1D643B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594B767B-41AB-436A-AF2C-10185E1161F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx385_gen10_plus_v2_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "779A6A62-4357-46FF-9BA8-F53E657A4E31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B00D29DB-B073-4C5A-934D-87A311D57657",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5869DE25-F914-48E0-8AFF-72C463E99084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "174EF59C-18A6-4490-A23A-76E74C1D2AFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_e910t_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C755817B-B074-4496-934B-A30C72A4F849",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E79D5665-6654-4AF7-A3DE-7F338067E8C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8B5AC2-7889-4654-88D2-289CE20A4ED7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32875E-11E3-443E-809C-12CCAE574570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml30_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5527AD20-7E19-4987-915D-FCFFEBFDA4C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76C24685-FEE2-494F-9806-56477E62FD1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DE16BA-939E-4C26-B03B-439E60C7C872",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B224273-2E15-41F2-84D6-D754F6B76B49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACD7139-05F6-4D60-BB0F-9AA6952720CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01181BEB-DE0B-49AA-B632-91B40046120F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl225n_gen10_plus_1u_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9334B70C-EBBD-4D0F-A0DC-EC84E014701E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50247A44-3EA0-4B4B-9AB6-64D9B470F190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A21F0B8-D613-46CD-BAEC-5CD876FD5352",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4435D5C3-A7CB-4EA6-87A9-6026DAC8DA47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl420_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDA2E27-1E51-4DC3-A907-C6273168D366",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD81201-ECD9-4E9F-A6F0-7EAEB1DA9891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl645d_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "424298C0-01E2-4770-818D-25F47A801F88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl675d_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7408A4-7409-4223-ABA7-C1F35E84D213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0700905D-BEA8-46A7-95D4-27BC3793FA51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storage_file_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCBE981-8F98-49B2-B09D-B0187D5DF322",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storage_performance_file_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E7335-3545-4F2D-A915-AB6B34EBB76D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1460_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC69BAD-3243-405F-839E-8BE9E2562205",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1560_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C386FE40-4223-4F35-A04A-84008B7A1B8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1660_expanded_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E86E62-1B51-4934-B8B6-40D920BE6192",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1660_performance_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D34B52-2803-43B0-942A-F974CBE14531",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1660_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC53F93-901B-40A9-BAAD-DD5A8865E824",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1860_performance_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A06978-A8B5-4251-955F-2DF206962605",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:hpe:storeeasy_1860_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D82CC8E6-A017-406E-B993-4CFFEB230829",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5)."
},
{
"lang": "es",
"value": "Se ha detectado una potencial ejecuci\u00f3n de c\u00f3digo arbitrario y una vulnerabilidad de denegaci\u00f3n de servicio (DoS) dentro de un proceso aislado en HPE Integrated Lights-Out 5 (iLO 5) versiones de firmware anteriores a 2.71. Un usuario no privilegiado podr\u00eda explotar esta vulnerabilidad en una red adyacente para ejecutar potencialmente c\u00f3digo arbitrario en un proceso aislado resultando en una p\u00e9rdida completa de confidencialidad, integridad y disponibilidad dentro de ese proceso. Adem\u00e1s, un usuario no privilegiado podr\u00eda explotar una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en un proceso aislado resultando en una p\u00e9rdida completa de disponibilidad dentro de ese proceso. HPE ha proporcionado una actualizaci\u00f3n de firmware para resolver esta vulnerabilidad en HPE Integrated Lights-Out 5 (iLO 5)."
}
],
"id": "CVE-2022-28632",
"lastModified": "2024-11-21T06:57:37.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-12T15:15:14.297",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04333en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04333en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.