466 matches found
CVE-2022-23701
A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 iLO 4 firmware versions: Prior to 2.60. This vulnerability could be remotely exploited to allow an attacker to supply invalid input to the iLO 4 webserver, causing it to respond with...
CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...
HP Integrated Lights-Out Denial of Service (CVE-2017-8987)
A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 iLO 3 version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
HP Integrated Lights-Out HTML Injection (CVE-2013-4842)
Cross-site scripting XSS vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
HP Integrated Lights-Out Information Disclosure (CVE-2020-7202)
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 iLO 5 and Integrated Lights-Out 4 iLO 4 firmware. The vulnerability could be remotely exploited to disclose the serial number and other information. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out (CVE-2015-2106)
Unspecified vulnerability in HP Integrated Lights-Out iLO firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28639)
A remote potential adjacent denial of service DoS and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...
HP Integrated Lights-Out Denial of Service (CVE-2004-0525)
HP Integrated Lights-Out iLO 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service hang by accessing iLO using the TCP/IP reserved port zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29211)
"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504424; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29211";...
HP Integrated Lights-Out Information Exposure (CVE-2012-3271)
Unspecified vulnerability on the HP Integrated Lights-Out 3 aka iLO3 with firmware before 1.50 and Integrated Lights-Out 4 aka iLO4 with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29204)
"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504406; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29204";...
HP Integrated Lights-Out Denial of Service (CVE-2018-7101)
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...
HP Integrated Lights-Out Remote Code Execution (CVE-2013-2338)
Unspecified vulnerability on HP Integrated Lights-Out 3 aka iLO3 cards with firmware before 1.57 and 4 aka iLO4 cards with firmware before 1.22, when Single-Sign-On SSO is used, allows remote attackers to execute arbitrary code via unknown vectors. This plugin only works with Tenable.ot. Please...
HP Integrated Lights-Out Improper Input Validation (CVE-2017-8979)
Security vulnerabilities in the HPE Integrated Lights-Out 2 iLO 2 firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
HP Integrated Lights-Out Denial of Service (CVE-2014-2601)
The server in HP Integrated Lights-Out 2 aka iLO 2 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out Improper Input Validation (CVE-2018-7105)
A security vulnerability in HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 iLO 4 prior to v2.61, HPE Integrated Lights-Out 3 iLO 3 prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. This...
HP Integrated Lights-Out Improper Access Control (CVE-2017-12542)
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 iLO 4 version prior to 2.53 was found. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-46846)
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504393;...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29209)
"A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504390; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13";...