VYPR

Integrated Lights-Out 3

by HPE

CVEs (3)

  • CVE-2016-4375CriSep 8, 2016
    risk 0.64cvss 9.8epss 0.03

    Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive…

  • CVE-2018-7093HigAug 14, 2018
    risk 0.56cvss 8.6epss 0.03

    A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service.

  • CVE-2016-4379LowSep 8, 2016
    risk 0.24cvss 3.7epss 0.02

    The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay…