CVE-2014-2601

3 documents3 sources

Severity

7.8HIGH

EPSS

3.5%

top 12.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Integrated Lights-out 2 Firmware

Timeline

PublishedApr 24

Latest updateMay 17

Description

The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDhp/integrated_lights-out_2_firmware2.23+10

Patches

Patch: h20564.www2.hp.com ↗Patch: h20564.www2.hp.com ↗

🔴Vulnerability Details

GHSA

GHSA-mq67-6m35-r8cm: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2↗2022-05-17

▶

CVEList

CVE-2014-2601: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2↗2014-04-24

▶