HP Integrated Lights-Out Remote Unauthorized Access Vulnerability Network Vulnerability

Summary

HP Integrated Lights-Out is prone to an unauthorized access vulnerability.

Impact

A remote attacker can exploit this issue to gain unauthorized administrative access to the affected application. Successful exploits will completely compromise the affected computer.

Solution

Updates are available.

Insight

An unspecified vulnerability allows remote attackers to execute arbitrary code via unknown vectors.

Affected

HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.57 and 4 (aka iLO4) with firmware before 1.22, when Single-Sign-On (SSO) is used.

Detection

Check the firmware version.

References

http://www.hp.com
http://www.securityfocus.com/bid/60480

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-2338

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

A Really Simple Chat Multiple SQL Injection Vulnerabilities
ATutor password reminder SQL injection
ATutor < 1.5.1-pl1 Multiple Flaws
Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
Apache Struts ClassLoader Manipulation Vulnerabilities

Take action and discover your vulnerabilities