VAR-201808-0938
Vulnerability from variot - Updated: 2023-12-18 14:05A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. plural HPE The product contains vulnerabilities related to security functions.Service operation interruption (DoS) There is a possibility of being put into a state. HPE Integrated Lights-Out (iLO) is an embedded server management technology, which monitors and maintains the health of the server, remotely manages the server, etc. through an integrated remote management port. Moonshot Chassis Manager is a movement chassis manager. Moonshot Component Pack is a Moonshot component pack. Security vulnerabilities exist in several HPE products. A remote attacker could exploit this vulnerability to cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0938",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "integrated lights-out 3",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.90"
},
{
"model": "moonshot component pack",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "2.55"
},
{
"model": "integrated lights-out 5",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.30"
},
{
"model": "moonshot chassis manager",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "1.58"
},
{
"model": "integrated lights-out 4",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "2.60"
},
{
"model": "hpe integrated lights-out 3",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.90"
},
{
"model": "hpe integrated lights-out 4",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.60"
},
{
"model": "hpe integrated lights-out 5",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.30"
},
{
"model": "hpe moonshot chassis manager",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "1.58"
},
{
"model": "hpe moonshot component pack",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.55"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.55"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.03"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.13"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.11"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.50"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.20"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.20"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.80"
},
{
"model": "integrated lights-out 4",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.01"
},
{
"model": "integrated lights-out 3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.28"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:moonshot_chassis_manager_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.58",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.90",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:integrated_lights-out:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:moonshot_component_pack_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.55",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:moonshot_component_pack:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7093"
}
]
},
"cve": "CVE-2018-7093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7093",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137125",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7093",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7093",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-443",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137125",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. plural HPE The product contains vulnerabilities related to security functions.Service operation interruption (DoS) There is a possibility of being put into a state. HPE Integrated Lights-Out (iLO) is an embedded server management technology, which monitors and maintains the health of the server, remotely manages the server, etc. through an integrated remote management port. Moonshot Chassis Manager is a movement chassis manager. Moonshot Component Pack is a Moonshot component pack. Security vulnerabilities exist in several HPE products. A remote attacker could exploit this vulnerability to cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "VULHUB",
"id": "VHN-137125"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7093",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1041435",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-137125",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"id": "VAR-201808-0938",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:05:20.525000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "hpesbhf03835en_us",
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03835en_us"
},
{
"title": "Multiple HPE Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83899"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041435"
},
{
"trust": 1.6,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03835en_us"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7093"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7093"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03835en_us"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-137125"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-137125"
},
{
"date": "2018-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"date": "2018-08-14T14:29:00.510000",
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"date": "2018-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-137125"
},
{
"date": "2018-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009018"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-7093"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural HPE Vulnerabilities related to security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009018"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-443"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…