CVSS: 5.5EPSS: 0%CPEs: 205EXPL: 0CVE-2018-7112
https://notcve.org/view.php?id=CVE-2018-7112
03 Dec 2018 — The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in ... • http://www.securitytracker.com/id/1041984 •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2017-8979
https://notcve.org/view.php?id=CVE-2017-8979
15 Feb 2018 — Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service. En Apache JMeter 2.X y 3.X, al emplear solo Distributed Test (basado en RMI), el servidor jmeter enlaza el registro RMI al host de caracteres comodín. Esto podría permitir que un atacante obtenga acceso a JMeterEngine y envíe código no autorizado. • https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03797en_us •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12543 – HPE Security Bulletin HPESBHF03705 4
https://notcve.org/view.php?id=CVE-2017-12543
16 Nov 2017 — A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. Se ha encontrado una vulnerabilidad de divulgación remota de información en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30. A potential security vulnerability has been identified in... • http://www.securityfocus.com/bid/101944 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •