CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7093
https://notcve.org/view.php?id=CVE-2018-7093
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. Una vulnerabilidad de seguridad en HPE Integrated Lights-Out 3 en versiones anteriores a la v1.90, iLO 4 en versiones anteriores a la v2.60, iLO 5 en versiones anteriores a la v1.30, Moonshot Chassis Manager con firmware en versiones anteriores a la v1.58 y Moonshot Component Pack en versiones anteriores a la v2.55 podría explotarse de forma remota para crear una denegación de servicio (DoS). • http://www.securitytracker.com/id/1041435 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2018-7078
https://notcve.org/view.php?id=CVE-2018-7078
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. Se ha identificado una ejecución remota de código en HPE Integrated Lights-Out 4 (iLO 4) anteriores a la v2.60 y HPE Integrated Lights-Out 5 (iLO 5) anteriores a la v1.30. • http://www.securitytracker.com/id/1041188 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03844en_us •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12543
https://notcve.org/view.php?id=CVE-2017-12543
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. Se ha encontrado una vulnerabilidad de divulgación remota de información en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30. • http://www.securityfocus.com/bid/101944 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 97%CPEs: 2EXPL: 2CVE-2017-12542 – HPE iLO 4 < 2.53 - Add New Administrator User
https://notcve.org/view.php?id=CVE-2017-12542
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. Se ha encontrado una vulnerabilidad de omisión de autenticación y ejecución de código en HPE Integrated Lights-out 4 (iLO 4) en versiones anteriores a la 2.53. • https://www.exploit-db.com/exploits/44005 https://github.com/skelsec/CVE-2017-12542 http://www.securityfocus.com/bid/100467 http://www.securitytracker.com/id/1039222 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4406
https://notcve.org/view.php?id=CVE-2016-4406
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. Se ha identificado una vulnerabilidad remota de Cross-Site Scripting (XSS) en iLO 3 en todas las versiones anteriores a la v1.88 y HPE iLO 4 en todas las versiones anteriores a la v2.44. • http://www.securityfocus.com/bid/94426 http://www.securitytracker.com/id/1037318 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05337025 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •