Integrated Lights Out 5 Firmware
CVE-2023-30911
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
AnalysisAI
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service. Affected products include: Hpe Integrated Lights-Out 5 Firmware, Hpe Integrated Lights-Out 6 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiali
A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that c
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discove
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discove
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moon
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s)
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b fo
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that cou
A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss o
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s)
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today