CVSS: 9.0EPSS: 3%CPEs: 3EXPL: 0CVE-2018-7078
https://notcve.org/view.php?id=CVE-2018-7078
06 Aug 2018 — A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. Se ha identificado una ejecución remota de código en HPE Integrated Lights-Out 4 (iLO 4) anteriores a la v2.60 y HPE Integrated Lights-Out 5 (iLO 5) anteriores a la v1.30. • http://www.securitytracker.com/id/1041188 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12543 – HPE Security Bulletin HPESBHF03705 4
https://notcve.org/view.php?id=CVE-2017-12543
16 Nov 2017 — A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. Se ha encontrado una vulnerabilidad de divulgación remota de información en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30. A potential security vulnerability has been identified in... • http://www.securityfocus.com/bid/101944 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 94%CPEs: 2EXPL: 5CVE-2017-12542 – HPE iLO 4 < 2.53 - Add New Administrator User
https://notcve.org/view.php?id=CVE-2017-12542
24 Aug 2017 — A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. Se ha encontrado una vulnerabilidad de omisión de autenticación y ejecución de código en HPE Integrated Lights-out 4 (iLO 4) en versiones anteriores a la 2.53. A potential security vulnerability has been identified in HPE Integrated Lights-out (iLO 4). The vulnerability could be exploited remotely to allow authentication bypass and execution of code. Revision 1 of this advisory... • https://packetstorm.news/files/id/180903 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5436
https://notcve.org/view.php?id=CVE-2015-5436
11 May 2017 — A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020. Se ha identificado una posible vulnerabilidad de seguridad con el firmware HP Integrated Lights-Out 4 (iLO 4) versión 2.11 y posterior, pero anterior a la versión 2.30. La vulnerabilidad po... • https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4406 – HP Security Bulletin HPSBHF03675 1
https://notcve.org/view.php?id=CVE-2016-4406
20 Nov 2016 — A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. Se ha identificado una vulnerabilidad remota de Cross-Site Scripting (XSS) en iLO 3 en todas las versiones anteriores a la v1.88 y HPE iLO 4 en todas las versiones anteriores a la v2.44. A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of... • http://www.securityfocus.com/bid/94426 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2016-4375 – HP Security Bulletin HPSBHF03441 2
https://notcve.org/view.php?id=CVE-2016-4375
16 Aug 2016 — Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Múltiples vulnerabilidades no especificadas en firmware HPE Integrated Lights-Out 3 (también conocido como iLO 3) en versiones anteriores a 1.88, firmware Integrated L... • http://www.securityfocus.com/bid/92484 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5435
https://notcve.org/view.php?id=CVE-2015-5435
29 Sep 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP Integrated Lights-Out (iLO) firmware 3 en versiones anteriores a 1.85 y 4 en versiones anteriores a 2.22, permite a usuarios remotos autenticados provocar una denegación de servicio a través de vectores desconocidos. • http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857 •
CVSS: 10.0EPSS: 34%CPEs: 3EXPL: 0CVE-2014-7876 – HP Security Bulletin HPSBHF03151 1
https://notcve.org/view.php?id=CVE-2014-7876
25 Mar 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27 y 4 anterior a 2.03 y el firmware iLO Chassis Management (CM) anterior a 1.30 permite a atacantes remotos ganar privilegios, ejecutar código arbi... • http://www.securitytracker.com/id/1031972 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2106 – HP Security Bulletin HPSBHF03276 1
https://notcve.org/view.php?id=CVE-2015-2106
25 Mar 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27, 3 anterior a 1.82, y 4 anterior a 2.10 permite a atacantes remotos evadir las restricciones de acceso o causar una denegación de servicio a través de vectores desconocidos. A potential s... • http://www.securityfocus.com/bid/73324 •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4842 – HP Security Bulletin HPSBHF02939
https://notcve.org/view.php?id=CVE-2013-4842
13 Nov 2013 — Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Integrated Lights-Out 4 (iLO4) con firmware anterior a la versión 1.32 permite a atacantes remotos inyectar script web arbitrario o HTML a través de vectores sin especificar. Potential security vulnerabilities have been identified with HP Integrated Lights-Out 4 (iLO4). The vulnerabilities c... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •