HP Integrated Lights-Out Unspecified Authentication Bypass Vulnerability Network Vulnerability

Summary

HP Integrated Lights-Out is prone to an authentication-bypass vulnerability.

Impact

An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions on the affected computer. This may aid in further attacks.

Solution

Updates are available.

Insight

Bypass authentication via unknown vectors.

Affected

HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30

Detection

Check the firmware version.

References

http://www.hp.com/
http://www.securityfocus.com/bid/61556

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-4805
CVSS Base Score: 9.0
AV:N/AC:L/Au:N/C:P/I:P/A:C

Related Vulnerabilities

Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
AlefMentor Multiple SQL Injection Vulnerabilities
'research_display.php' SQL Injection Vulnerability
AdaptBB Multiple Input Validation Vulnerabilities
AjaXplorer zoho plugin Directory Traversal Vulnerability

Take action and discover your vulnerabilities