CVE-2017-12543
HPE Security Bulletin HPESBHF03705 4
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.
Se ha encontrado una vulnerabilidad de divulgación remota de información en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30.
A potential security vulnerability has been identified in HPE iLO 4, 3, 2 and Moonshot RCA. The vulnerability could be exploited remotely to allow disclosure of information. Revision 4 of this advisory.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-08-05 CVE Reserved
- 2017-11-16 CVE Published
- 2024-09-17 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101944 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us | 2018-03-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Integrated Lights-out 2 Firmware Search vendor "Hp" for product "Integrated Lights-out 2 Firmware" | < 2.30 Search vendor "Hp" for product "Integrated Lights-out 2 Firmware" and version " < 2.30" | - |
Affected
| in | Hp Search vendor "Hp" | Integrated Lights-out Search vendor "Hp" for product "Integrated Lights-out" | - | - |
Safe
|
| Hp Search vendor "Hp" | Integrated Lights-out 3 Firmware Search vendor "Hp" for product "Integrated Lights-out 3 Firmware" | < 1.89 Search vendor "Hp" for product "Integrated Lights-out 3 Firmware" and version " < 1.89" | - |
Affected
| in | Hp Search vendor "Hp" | Integrated Lights-out Search vendor "Hp" for product "Integrated Lights-out" | - | - |
Safe
|
| Hp Search vendor "Hp" | Integrated Lights-out 4 Firmware Search vendor "Hp" for product "Integrated Lights-out 4 Firmware" | < 2.53 Search vendor "Hp" for product "Integrated Lights-out 4 Firmware" and version " < 2.53" | - |
Affected
| in | Hp Search vendor "Hp" | Integrated Lights-out Search vendor "Hp" for product "Integrated Lights-out" | - | - |
Safe
|
| Hp Search vendor "Hp" | Moonshot Remote Console Administrator Search vendor "Hp" for product "Moonshot Remote Console Administrator" | < 2.50 Search vendor "Hp" for product "Moonshot Remote Console Administrator" and version " < 2.50" | - |
Affected
| ||||||