CVE-2014-2601
published 2014-04-24CVE-2014-2601: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as…
PriorityP335high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
3.96%
89.1th percentile
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | integrated_lights-out_2_firmware | <= 2.23 | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
| hp | integrated_lights-out_2_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
HP Integrated Lights-Out up to 2.24 SSL Heartbleed Check denial of service (c04249852 / EDB-32745)
vuldb·2026-05-12·CVSS 7.8
CVE-2014-2601 [HIGH] HP Integrated Lights-Out up to 2.24 SSL Heartbleed Check denial of service (c04249852 / EDB-32745)
A vulnerability identified as problematic has been detected in HP Integrated Lights-Out up to 2.24. This vulnerability affects unknown code of the component SSL Handler. Performing a manipulation as part of Heartbleed Check results in denial of service.
This vulnerability is identified as CVE-2014-2601. The attack can be initiated remotely. Additionally, an exploit exists.
You should upgrade the affected component.
GHSA
GHSA-mq67-6m35-r8cm: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2
ghsa_unreviewed·2022-05-17·CVSS 7.5
CVE-2014-2601 [HIGH] GHSA-mq67-6m35-r8cm: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04249852-1http://www.securitytracker.com/id/1030148https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04244787https://isc.sans.edu/forums/diary/Be+Careful+what+you+Scan+for/18017/http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04249852-1http://www.securitytracker.com/id/1030148https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04244787https://isc.sans.edu/forums/diary/Be+Careful+what+you+Scan+for/18017/
2014-04-24
Published