Remote code execution

2022-08-1215:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).

CPENameOperatorVersion
integrated_lights-out_5_firmwarelt2.71

CPE	Name	Operator	Version
	integrated_lights-out_5_firmware	lt	2.71

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04333en_us