CVE-2018-7078

3 documents3 sources

Severity

7.2HIGH

EPSS

3.3%

top 12.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Integrated Lights-out 4 Firmware HP Integrated Lights-out 5 Firmware

Timeline

PublishedAug 6

Latest updateMay 14

Description

A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶NVDhp/integrated_lights-out_4_firmware< 2.60

▶NVDhp/integrated_lights-out_5_firmware< 1.30

🔴Vulnerability Details

GHSA

GHSA-3h97-h7g6-m9hp: A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2↗2022-05-14

▶

CVEList

CVE-2018-7078: A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2↗2018-08-06

▶