Skip to main content

Integrated Lights Out 4 Firmware

13 CVEs product

Monthly

CVE-2019-11983 HIGH This Week

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Integrated Lights Out 5 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2019-11982 HIGH This Week

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XSS Integrated Lights Out 5 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 3.0
8.3
EPSS
2.1%
CVE-2018-7112 MEDIUM This Month

The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Integrated Lights Out 2 Firmware Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware +98
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-7105 HIGH This Week

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Integrated Lights Out 5 Firmware Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 3.0
7.2
EPSS
4.1%
CVE-2018-7101 HIGH This Week

A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 4 Firmware Integrated Lights Out 5 Firmware
NVD
CVSS 3.0
7.5
EPSS
7.1%
CVE-2018-7093 HIGH This Week

A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware Integrated Lights Out 5 Firmware Moonshot Chassis Manager Firmware +1
NVD
CVSS 3.0
8.6
EPSS
3.5%
CVE-2018-7078 HIGH This Week

A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Integrated Lights Out 4 Firmware Integrated Lights Out 5 Firmware
NVD
CVSS 3.0
7.2
EPSS
6.8%
CVE-2016-4375 CRITICAL Act Now

Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware Integrated Lights Out 4 Mrca Firmware
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2015-5435 MEDIUM This Month

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-2106 MEDIUM This Month

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Integrated Lights Out 2 Firmware Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
6.4
EPSS
0.6%
CVE-2014-7876 CRITICAL Act Now

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.2% and no vendor patch available.

Denial Of Service HP RCE Integrated Lights Out 2 Firmware Integrated Lights Out 4 Firmware +1
NVD
CVSS 2.0
10.0
EPSS
25.2%
CVE-2013-2338 CRITICAL Act Now

Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

HP RCE Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
10.0
EPSS
22.2%
CVE-2012-3271 CRITICAL PATCH Act Now

Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure HP Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
9.3
EPSS
1.4%
EPSS 1% CVSS 7.0
HIGH This Week

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Integrated Lights Out 5 Firmware Integrated Lights Out 4 Firmware
NVD
EPSS 2% CVSS 8.3
HIGH This Week

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XSS Integrated Lights Out 5 Firmware Integrated Lights Out 4 Firmware
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Integrated Lights Out 2 Firmware +100
NVD
EPSS 4% CVSS 7.2
HIGH This Week

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Integrated Lights Out 5 Firmware Integrated Lights Out 3 Firmware +1
NVD
EPSS 7% CVSS 7.5
HIGH This Week

A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 4 Firmware Integrated Lights Out 5 Firmware
NVD
EPSS 3% CVSS 8.6
HIGH This Week

A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware +3
NVD
EPSS 7% CVSS 7.2
HIGH This Week

A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Integrated Lights Out 4 Firmware Integrated Lights Out 5 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Integrated Lights Out 3 Firmware +1
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Denial Of Service Integrated Lights Out 2 Firmware +2
NVD
EPSS 25% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.2% and no vendor patch available.

Denial Of Service HP RCE +3
NVD
EPSS 22% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

HP RCE Integrated Lights Out 3 Firmware +1
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure HP Integrated Lights Out 3 Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy