Lucene search

K

HPE Integrated Lights-Out 5 Security Vulnerabilities

cve
cve

CVE-2023-50272

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication...

9.8CVSS

9.4AI Score

0.001EPSS

2023-12-19 04:15 PM
22
cve
cve

CVE-2023-30911

HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of...

7.5CVSS

7.5AI Score

0.0005EPSS

2023-10-18 06:15 PM
16
cve
cve

CVE-2021-46846

Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out...

6.4CVSS

6.1AI Score

0.001EPSS

2022-12-12 01:15 PM
31
cve
cve

CVE-2022-28638

An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise.....

7.8CVSS

7.7AI Score

0.0004EPSS

2022-09-20 09:15 PM
164
cve
cve

CVE-2022-28639

A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard...

8.8CVSS

8.9AI Score

0.001EPSS

2022-09-20 09:15 PM
168
cve
cve

CVE-2022-28640

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE...

8.8CVSS

8.7AI Score

0.001EPSS

2022-09-20 09:15 PM
23
2
cve
cve

CVE-2022-28637

A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-09-20 09:15 PM
24
2
cve
cve

CVE-2022-28634

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

6.7CVSS

6.8AI Score

0.0004EPSS

2022-08-12 03:15 PM
34
cve
cve

CVE-2022-28626

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

6.7CVSS

6.8AI Score

0.0004EPSS

2022-08-12 03:15 PM
32
4
cve
cve

CVE-2022-28636

A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute...

7.4CVSS

7.7AI Score

0.001EPSS

2022-08-12 03:15 PM
36
4
cve
cve

CVE-2022-28628

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

8.4CVSS

8.4AI Score

0.001EPSS

2022-08-12 03:15 PM
21
4
cve
cve

CVE-2022-28627

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

8.4CVSS

8.4AI Score

0.001EPSS

2022-08-12 03:15 PM
25
4
cve
cve

CVE-2022-28633

A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file....

7.3CVSS

6.6AI Score

0.001EPSS

2022-08-12 03:15 PM
36
4
cve
cve

CVE-2022-28630

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a...

7.3CVSS

7.3AI Score

0.001EPSS

2022-08-12 03:15 PM
29
4
cve
cve

CVE-2022-28632

A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute....

8.8CVSS

8.8AI Score

0.001EPSS

2022-08-12 03:15 PM
41
4
cve
cve

CVE-2022-28631

A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute....

8.8CVSS

8.8AI Score

0.001EPSS

2022-08-12 03:15 PM
32
4
cve
cve

CVE-2022-28629

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

7.8CVSS

7.7AI Score

0.0004EPSS

2022-08-12 03:15 PM
30
4
cve
cve

CVE-2022-28635

A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute...

7.4CVSS

7.7AI Score

0.001EPSS

2022-08-12 03:15 PM
32
4
cve
cve

CVE-2021-29210

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...

4.8CVSS

5.3AI Score

0.001EPSS

2021-05-25 03:15 PM
26
2
cve
cve

CVE-2021-29208

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...

4.8CVSS

5.3AI Score

0.001EPSS

2021-05-25 03:15 PM
22
2
cve
cve

CVE-2021-29209

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...

4.8CVSS

5.3AI Score

0.001EPSS

2021-05-25 03:15 PM
22
2
cve
cve

CVE-2021-29211

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 03:15 PM
15
2
cve
cve

CVE-2021-29201

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 02:15 PM
22
2
cve
cve

CVE-2021-29204

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 02:15 PM
21
2
cve
cve

CVE-2021-29202

A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H....

6.7CVSS

6.6AI Score

0.0004EPSS

2021-05-25 02:15 PM
20
2
cve
cve

CVE-2021-29207

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 02:15 PM
15
2
cve
cve

CVE-2021-29205

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 02:15 PM
18
4
cve
cve

CVE-2021-29206

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H...

4.8CVSS

5.1AI Score

0.001EPSS

2021-05-25 02:15 PM
19
2
cve
cve

CVE-2020-7202

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other...

5.3CVSS

5.2AI Score

0.001EPSS

2021-01-05 03:15 PM
32
2
cve
cve

CVE-2019-11983

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version...

7CVSS

7.1AI Score

0.002EPSS

2019-06-05 05:29 PM
71
cve
cve

CVE-2019-11982

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version...

8.3CVSS

7.8AI Score

0.002EPSS

2019-06-05 05:29 PM
84
cve
cve

CVE-2018-7117

A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version...

6.1CVSS

6.1AI Score

0.001EPSS

2019-04-09 07:29 PM
68
cve
cve

CVE-2018-7113

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware...

6.6CVSS

6.4AI Score

0.0004EPSS

2018-12-03 03:29 PM
31
cve
cve

CVE-2018-7101

A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to...

7.5CVSS

7.5AI Score

0.002EPSS

2018-09-27 06:29 PM
66
cve
cve

CVE-2018-7105

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of...

7.2CVSS

7.3AI Score

0.009EPSS

2018-09-27 06:29 PM
99
cve
cve

CVE-2018-7093

A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of...

8.6CVSS

8.2AI Score

0.001EPSS

2018-08-14 02:29 PM
24
cve
cve

CVE-2018-7078

A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version...

7.2CVSS

7.5AI Score

0.01EPSS

2018-08-06 08:29 PM
82