CVE-2017-8979 — Packard Enterprise Integrated Lights-out 2 vulnerability

3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

2.7%

top 14.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hewlett Packard Enterprise Integrated Lights-out 2 HP Integrated Lights-out 2 Firmware

Timeline

PublishedFeb 15

Latest updateMay 13

Description

Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDhp/integrated_lights-out_2_firmware2.29

▶CVEListV5hewlett_packard_enterprise/integrated_lights-out_22.29

🔴Vulnerability Details

GHSA

GHSA-x3xr-3gr5-982m: Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code executio↗2022-05-13

▶

CVEList

CVE-2017-8979: Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code executio↗2018-02-15

▶