VYPR

Integrated Lights Out 3 Firmware

by Microfocus

CVEs (6)

  • CVE-2016-4375CriSep 8, 2016
    risk 0.64cvss 9.8epss 0.03

    Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive…

  • CVE-2016-4379LowSep 8, 2016
    risk 0.24cvss 3.7epss 0.02

    The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay…

  • CVE-2013-2338Jun 14, 2013
    risk 0.01cvss epss 0.11

    Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2015-5435Sep 30, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors.

  • CVE-2015-2106Mar 31, 2015
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.

  • CVE-2012-3271Nov 29, 2012
    risk 0.00cvss epss 0.05

    Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors.