2 matches found
CVE-2016-4379
The TLS implementation in HPE Integrated Lights-Out 3 aka iLO3 firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack...
CVE-2016-4379
The CVE-2016-4379 entry is about HP Integrated Lights-Out 3 (iLO3) firmware pre-1.88, where the TLS implementation improperly uses a MAC protection mechanism with CBC padding, enabling a padding-oracle Vaudenay attack. This can allow an unauthenticated, remote attacker to disclose potentially sen...