11 matches found
HP Integrated Lights-Out Information Disclosure (CVE-2018-7112)
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2019-11982)
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2019-11983)
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39. This plugin only works with Tenable.ot. Please visit...
HPESBST04324 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-00615, 2022.1 IPU – Intel Processors MMIO Stale Data Advisory, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 170r Gen10 Server - Prior to 2.6605172022 - Use BIOS family U38 HPE SimpliVity 190r Gen10 Server - Prior to 2.6605172022 - Use BIOS family U38 HPE SimpliVity...
HPESBHF04152 rev.1 - HPE Gen9 Servers Using Certain Intel Processors, Local Escalation of Privilege
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant XL450 Gen9 Server - Prior to version 2.90 HPE ProLiant XL270d Gen9 Special Server - Prior to version 2.90 HPE Apollo 4200 Gen9 Server - Prior to version 2.90 HPE...
CVE-2021-25133
The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice setradiusconfigfunc...
CVE-2021-25127
The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice generatesslcertificatefu...
HPE Cloudline Buffer Error Vulnerability in Multiple Products
HPE Cloudline CL5200 Gen9 Server and others are a dense cloud storage server appliance from HPE America. A buffer error vulnerability exists in multiple HPE Cloudline products, which stems from a local buffer overflow in the spxrestservice downloadkvmjnlpfunc function. The following products and...
HPE Integrated Lights-Out Buffer Overflow Vulnerability
HPE Integrated Lights-Out is a remote control solution from Hewlett Packard Enterprise HPE. The solution enables remote monitoring and operation and maintenance of IT assets such as servers. A buffer overflow vulnerability exists in HPE Integrated Lights-Out 4 iLO 4 for Gen9 servers prior to...
CVE-2019-11982
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39...
HPESBHF03789 rev.2 - Certain HPE Gen9 Systems with HP Trusted Platform Module v2.0 Option, Unauthorized Access to Data
Potential Security Impact: Local: Unauthorized Access to Data; Remote: Unauthorized Access to Data SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Trusted Platform Module 2.0 Kit FW 5.51 - TPM 2.0 FW 5.62 is not affected. This is the Gen9 TPM 2.0 option only Gen9 servers could...