CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4406 – HP Security Bulletin HPSBHF03675 1
https://notcve.org/view.php?id=CVE-2016-4406
20 Nov 2016 — A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. Se ha identificado una vulnerabilidad remota de Cross-Site Scripting (XSS) en iLO 3 en todas las versiones anteriores a la v1.88 y HPE iLO 4 en todas las versiones anteriores a la v2.44. A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of... • http://www.securityfocus.com/bid/94426 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4379 – HP Security Bulletin HPSBHF03641 1
https://notcve.org/view.php?id=CVE-2016-4379
30 Aug 2016 — The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. La implementación TLS en firmware HPE Integrated Lights-Out 3 (también conocido como iLO3) en versiones anteriores a 1.88 no utiliza adecuadamente un mecanismo de proteción MAC en conjunción con relleno CBC, lo que permite a ataca... • http://www.securityfocus.com/bid/92696 • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2016-4375 – HP Security Bulletin HPSBHF03441 2
https://notcve.org/view.php?id=CVE-2016-4375
16 Aug 2016 — Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Múltiples vulnerabilidades no especificadas en firmware HPE Integrated Lights-Out 3 (también conocido como iLO 3) en versiones anteriores a 1.88, firmware Integrated L... • http://www.securityfocus.com/bid/92484 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5435
https://notcve.org/view.php?id=CVE-2015-5435
29 Sep 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP Integrated Lights-Out (iLO) firmware 3 en versiones anteriores a 1.85 y 4 en versiones anteriores a 2.22, permite a usuarios remotos autenticados provocar una denegación de servicio a través de vectores desconocidos. • http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04785857 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2106 – HP Security Bulletin HPSBHF03276 1
https://notcve.org/view.php?id=CVE-2015-2106
25 Mar 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27, 3 anterior a 1.82, y 4 anterior a 2.10 permite a atacantes remotos evadir las restricciones de acceso o causar una denegación de servicio a través de vectores desconocidos. A potential s... • http://www.securityfocus.com/bid/73324 •
CVSS: 10.0EPSS: 20%CPEs: 3EXPL: 0CVE-2014-7876 – HP Security Bulletin HPSBHF03151 1
https://notcve.org/view.php?id=CVE-2014-7876
25 Mar 2015 — Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el firmware HP Integrated Lights-Out (iLO) 2 anterior a 2.27 y 4 anterior a 2.03 y el firmware iLO Chassis Management (CM) anterior a 1.30 permite a atacantes remotos ganar privilegios, ejecutar código arbi... • http://www.securitytracker.com/id/1031972 •
CVSS: 7.8EPSS: 4%CPEs: 11EXPL: 0CVE-2014-2601 – HP Security Bulletin HPSBHF03006
https://notcve.org/view.php?id=CVE-2014-2601
24 Apr 2014 — The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. El servidor en HP Integrated Lights-Out 2 (también conocido como iLO 2) 2.23 y anteriores permite a atacantes remotos causar una denegación de servicio a través de trafico HTTPS manipulado, tal y como fue demostrado por trafico de una herramienta de asesoramiento de vulnerabilidad d... • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04249852-1 •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4842 – HP Security Bulletin HPSBHF02939
https://notcve.org/view.php?id=CVE-2013-4842
13 Nov 2013 — Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Integrated Lights-Out 4 (iLO4) con firmware anterior a la versión 1.32 permite a atacantes remotos inyectar script web arbitrario o HTML a través de vectores sin especificar. Potential security vulnerabilities have been identified with HP Integrated Lights-Out 4 (iLO4). The vulnerabilities c... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4843 – HP Security Bulletin HPSBHF02939
https://notcve.org/view.php?id=CVE-2013-4843
13 Nov 2013 — Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en HP Integrated Lights-Out 4 (iLO4) con el firmware anterior a 1.32 que permite a usuarios autenticados remotos obtener información sensible a través de vectores desconocidos. Potential security vulnerabilities have been identified with HP Integrated Lights-Out 4 (iLO4). The vulnerabilities could be exp... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804 •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2013-4805 – HP Security Bulletin HPSBMU02902
https://notcve.org/view.php?id=CVE-2013-4805
01 Aug 2013 — Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors. Vulnerabilidad no especificada en HP Integrated Lights-Out 3 (también conocido como iLO3) firmware anterior a v1.60 y 4 (también conocido como iLO4) firmware anterior a v1.30, permite a atacantes remotos evitar la autenticación a través de vectores desconocidos. A potential security vulnerability has been identifie... • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03844348 •