PT-2022-19123 · Hewlett Packard · Hpe Integrated Lights-Out 5+1
Published
2022-07-28
·
Updated
2022-08-16
·
CVE-2022-28634
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HPE Integrated Lights-Out 5 (iLO 5) versions prior to 2.71
Description
A local arbitrary code execution issue was discovered, allowing a highly privileged user to execute arbitrary code, resulting in a complete loss of confidentiality, integrity, and availability. This issue could potentially lead to denial of service (DoS), sensitive information disclosure, and unauthorized data modification.
Recommendations
For HPE Integrated Lights-Out 5 (iLO 5) versions prior to 2.71, update the firmware to version 2.71 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hpe Integrated Lights-Out 5
Hpe Ilo