CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities.
Vendor | Product | Version | CPE |
---|---|---|---|
hpe | integrated_lights-out_5_firmware | * | cpe:2.3:o:hpe:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:* |
hp | apollo_4200_gen10_server | - | cpe:2.3:h:hp:apollo_4200_gen10_server:-:*:*:*:*:*:*:* |
hp | apollo_4500 | - | cpe:2.3:h:hp:apollo_4500:-:*:*:*:*:*:*:* |
hp | apollo_r2000_chassis | - | cpe:2.3:h:hp:apollo_r2000_chassis:-:*:*:*:*:*:*:* |
hpe | apollo_2000_gen10_plus_system | - | cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:* |
hpe | apollo_4200_gen10_plus_system | - | cpe:2.3:h:hpe:apollo_4200_gen10_plus_system:-:*:*:*:*:*:*:* |
hpe | apollo_4510_gen10_system | - | cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:* |
hpe | apollo_6500_gen10_plus | - | cpe:2.3:h:hpe:apollo_6500_gen10_plus:-:*:*:*:*:*:*:* |
hpe | apollo_n2600_gen10_plus | - | cpe:2.3:h:hpe:apollo_n2600_gen10_plus:-:*:*:*:*:*:*:* |
hpe | apollo_n2800_gen10_plus | - | cpe:2.3:h:hpe:apollo_n2800_gen10_plus:-:*:*:*:*:*:*:* |
[
{
"product": "HPE Integrated Lights-Out 5 (iLO 5)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 2.72"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
]
More