6 matches found
HP Integrated Lights-Out Remote Code Execution (CVE-2013-2338)
Unspecified vulnerability on HP Integrated Lights-Out 3 aka iLO3 cards with firmware before 1.57 and 4 aka iLO4 cards with firmware before 1.22, when Single-Sign-On SSO is used, allows remote attackers to execute arbitrary code via unknown vectors. This plugin only works with Tenable.ot. Please...
hofapotheke-wuerzburg.de Improper Access Control vulnerability OBB-3767500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
iLO 3 < 1.57 / iLO 4 < 1.22 Unspecified Arbitrary Code Execution
According to its version number and single sign-on settings, the remote HP Integrated Lights-Out iLO server is affected by an arbitrary code execution vulnerability in its web interface. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
[security bulletin] HPSBHF02885 rev.1 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03787836 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03787836 Version: 1 HPSBHF02885 rev....
CVE-2013-2338
HP iLO3 and iLO4 remote code execution (CVE-2013-2338) affects iLO3 firmware prior to 1.57 and iLO4 firmware prior to 1.22 when Single-Sign-On is enabled. The vulnerability, described as an unspecified remote code execution via unknown vectors, has a CVSS v2 base score of 9.3 (HIGH) and requires ...
CVE-2013-2338
Unspecified vulnerability on HP Integrated Lights-Out 3 aka iLO3 cards with firmware before 1.57 and 4 aka iLO4 cards with firmware before 1.22, when Single-Sign-On SSO is used, allows remote attackers to execute arbitrary code via unknown vectors...