Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Integrated_lights\-Out_3_firmware
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-09-27 | CVE-2018-7105 | A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware, Integrated_lights\-Out_5_firmware | 7.2 | ||
| 2018-08-14 | CVE-2018-7093 | A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware, Integrated_lights\-Out_5_firmware, Moonshot_chassis_manager_firmware, Moonshot_component_pack_firmware | 8.6 | ||
| 2018-08-06 | CVE-2017-8987 | A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions. | Integrated_lights\-Out_3_firmware | 8.6 | ||
| 2018-02-15 | CVE-2017-12543 | A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. | Integrated_lights\-Out_2_firmware, Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware, Moonshot_remote_console_administrator | 6.5 | ||
| 2018-08-06 | CVE-2016-4406 | A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware | 6.1 | ||
| 2016-09-08 | CVE-2016-4379 | The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. | Integrated_lights\-Out_3_firmware | 3.7 | ||
| 2016-09-08 | CVE-2016-4375 | Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware, Integrated_lights\-Out_4_mrca_firmware | 9.8 | ||
| 2015-09-29 | CVE-2015-5435 | Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware | N/A | ||
| 2015-03-31 | CVE-2015-2106 | Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. | Integrated_lights\-Out_2_firmware, Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware | N/A | ||
| 2012-11-29 | CVE-2012-3271 | Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors. | Integrated_lights\-Out_3_firmware, Integrated_lights\-Out_4_firmware | N/A |