var-201808-0938
Vulnerability from variot
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. plural HPE The product contains vulnerabilities related to security functions.Service operation interruption (DoS) There is a possibility of being put into a state. HPE Integrated Lights-Out (iLO) is an embedded server management technology, which monitors and maintains the health of the server, remotely manages the server, etc. through an integrated remote management port. Moonshot Chassis Manager is a movement chassis manager. Moonshot Component Pack is a Moonshot component pack. Security vulnerabilities exist in several HPE products. A remote attacker could exploit this vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0938",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "integrated lights-out 3",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.90"
},
{
"model": "moonshot component pack",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "2.55"
},
{
"model": "integrated lights-out 5",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.30"
},
{
"model": "moonshot chassis manager",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.58"
},
{
"model": "integrated lights-out 4",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "2.60"
},
{
"model": "hpe integrated lights-out 3",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.90"
},
{
"model": "hpe integrated lights-out 4",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.60"
},
{
"model": "hpe integrated lights-out 5",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.30"
},
{
"model": "hpe moonshot chassis manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.58"
},
{
"model": "hpe moonshot component pack",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.55"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.55"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.03"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.13"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.11"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.50"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.20"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.20"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.80"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.01"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.28"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:moonshot_chassis_manager_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.58",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.90",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:moonshot_component_pack_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.55",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:moonshot_component_pack:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7093"
}
]
},
"cve": "CVE-2018-7093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7093",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137125",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7093",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7093",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-443",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137125",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. plural HPE The product contains vulnerabilities related to security functions.Service operation interruption (DoS) There is a possibility of being put into a state. HPE Integrated Lights-Out (iLO) is an embedded server management technology, which monitors and maintains the health of the server, remotely manages the server, etc. through an integrated remote management port. Moonshot Chassis Manager is a movement chassis manager. Moonshot Component Pack is a Moonshot component pack. Security vulnerabilities exist in several HPE products. A remote attacker could exploit this vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "VULHUB",
"id": "VHN-137125"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7093",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1041435",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137125",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"id": "VAR-201808-0938",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:05:20.525000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "hpesbhf03835en_us",
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03835en_us"
},
{
"title": "Multiple HPE Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83899"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041435"
},
{
"trust": 1.6,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03835en_us"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7093"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7093"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03835en_us"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-137125"
},
{
"date": "2018-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"date": "2018-08-14T14:29:00.510000",
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"date": "2018-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-137125"
},
{
"date": "2018-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural HPE Vulnerabilities related to security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.