HP Integrated Lights-Out Remote Unauthorized Access Vulnerability Network Vulnerability

Summary

HP Integrated Lights-Out is prone to an unauthorized access vulnerability.

Impact

A remote attacker can exploit this issue to gain unauthorized administrative access to the affected application. Successful exploits will completely compromise the affected computer.

Solution

Updates are available.

Insight

An unspecified vulnerability allows remote attackers to execute arbitrary code via unknown vectors.

Affected

HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.57 and 4 (aka iLO4) with firmware before 1.22, when Single-Sign-On (SSO) is used.

Detection

Check the firmware version.

References

http://www.hp.com
http://www.securityfocus.com/bid/60480

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-2338
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe ColdFusion Authentication Bypass Vulnerability
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
'research_display.php' SQL Injection Vulnerability

Take action and discover your vulnerabilities