HP Integrated Lights-Out Unspecified Authentication Bypass Vulnerability Network Vulnerability

Summary

HP Integrated Lights-Out is prone to an authentication-bypass vulnerability.

Impact

An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions on the affected computer. This may aid in further attacks.

Solution

Updates are available.

Insight

Bypass authentication via unknown vectors.

Affected

HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30

Detection

Check the firmware version.

References

http://www.hp.com/
http://www.securityfocus.com/bid/61556

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-4805

CVSS	Base Score: 9.0 AV:N/AC:L/Au:N/C:P/I:P/A:C

Related Vulnerabilities

Apache Archiva Multiple Remote Command Execution Vulnerabilities
Apache Struts2 Redirection and Security Bypass Vulnerabilities
Athena Web Registration remote command execution flaw
Apache Tomcat /servlet Cross Site Scripting
Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability

Take action and discover your vulnerabilities