PT-2013-3681 · Hewlett Packard · Hp Integrated Lights-Out 3+2

Published

2013-06-04

Updated

2019-10-09

CVE-2013-2338

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP Integrated Lights-Out 3 (iLO3) versions prior to 1.57 HP Integrated Lights-Out 4 (iLO4) versions prior to 1.22

Description The issue concerns an unspecified vulnerability in HP Integrated Lights-Out 3 and 4 when Single-Sign-On (SSO) is used. This could allow remote attackers to execute arbitrary code, resulting in unauthorized access.

Recommendations For HP Integrated Lights-Out 3 (iLO3) versions prior to 1.57, update the firmware to version 1.57 or later. For HP Integrated Lights-Out 4 (iLO4) versions prior to 1.22, update the firmware to version 1.22 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-2338

Affected Products

Hp Integrated Lights-Out 3

Hpe Integrated Lights-Out 4

Hpe Ilo

PT-2013-3681 · Hewlett Packard · Hp Integrated Lights-Out 3+2

CVE-2013-2338

Related Identifiers

Affected Products

References · 3