PT-2018-17908 · Hewlett Packard · Hpe Moonshot Ilo Chassis Manager+5
Published
2018-09-13
·
Updated
2019-10-03
·
CVE-2018-7105
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HPE Integrated Lights-Out 5 (iLO 5) versions prior to 1.35
HPE Integrated Lights-Out 4 (iLO 4) versions prior to 2.61
HPE Integrated Lights-Out 3 (iLO 3) versions prior to 1.90
HPE Integrated Lights-Out (iLO) Moonshot versions prior to 2.51
Moonshot iLO Chassis Manager versions prior to 1.58
Description
A security issue in HPE Integrated Lights-Out could be remotely exploited to execute arbitrary code, leading to disclosure of information. This could allow an administrator to execute arbitrary code and disclose sensitive information locally.
Recommendations
For HPE Integrated Lights-Out 5 (iLO 5) versions prior to 1.35, update to version 1.35 or later.
For HPE Integrated Lights-Out 4 (iLO 4) versions prior to 2.61, update to version 2.61 or later.
For HPE Integrated Lights-Out 3 (iLO 3) versions prior to 1.90, update to version 1.90 or later.
For HPE Integrated Lights-Out (iLO) Moonshot versions prior to 2.51, update to version 2.51 or later.
For Moonshot iLO Chassis Manager versions prior to 1.58, update to version 1.58 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hpe Integrated Lights-Out 3
Hpe Integrated Lights-Out 4
Hpe Integrated Lights-Out 5
Hpe Integrated Lights-Out Moonshot
Hpe Ilo
Hpe Moonshot Ilo Chassis Manager