CVE-2022-28640

2022-09-2020:01:58

hpe

www.cve.org

hpe integrated lights-out 5

version 2.71

code execution vulnerability

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

28.5%

JSON

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses this security vulnerability.

CNA Affected

[
  {
    "product": "HPE Integrated Lights-Out 5 (iLO 5)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to 2.72"
      },
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  }
]

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04365en_us