Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hp Subscribe
Filtered by product Integrated Lights-out 2 Firmware
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7112 1 Hp 204 Integrated Lights-out, Integrated Lights-out 2, Integrated Lights-out 2 Firmware and 201 more 2020-08-24 4.9 MEDIUM 5.5 MEDIUM
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.
CVE-2014-7876 1 Hp 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 4 Firmware, Integrated Lights-out Chassis Management Firmware 2019-10-09 10.0 HIGH N/A
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
CVE-2017-8979 1 Hp 2 Integrated Lights-out, Integrated Lights-out 2 Firmware 2019-10-02 7.5 HIGH 9.8 CRITICAL
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
CVE-2017-12543 1 Hp 5 Integrated Lights-out, Integrated Lights-out 2 Firmware, Integrated Lights-out 3 Firmware and 2 more 2018-03-12 4.0 MEDIUM 6.5 MEDIUM
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.
CVE-2015-2106 1 Hp 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware 2016-11-29 6.4 MEDIUM N/A
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.
CVE-2014-2601 1 Hp 1 Integrated Lights-out 2 Firmware 2014-05-04 7.8 HIGH N/A
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.