Hpe Integrated Lights-Out 5 Firmware vulnerabilities
17 known vulnerabilities affecting hpe/integrated_lights-out_5_firmware.
Total CVEs
17
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH14MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-50272P2CRITICALCVSS 9.8≥ 2.63, ≤ 3.002023-12-19
CVE-2023-50272 [CRITICAL] CWE-288 CVE-2023-50272: A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and In
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication bypass.
nvd
CVE-2022-28639P3HIGHCVSS 8.8fixed in 2.722022-09-20
CVE-2022-28639 [HIGH] CWE-400 CVE-2022-28639: A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution
A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Light
nvd
CVE-2022-28640P3HIGHCVSS 8.8fixed in 2.722022-09-20
CVE-2022-28640 [HIGH] CWE-94 CVE-2022-28640: A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a l
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses this security vuln
nvd
CVE-2022-28632P3HIGHCVSS 8.8fixed in 2.712022-08-12
CVE-2022-28632 [HIGH] CVE-2022-28632: A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete l
nvd
CVE-2022-28631P3HIGHCVSS 8.8fixed in 2.712022-08-12
CVE-2022-28631 [HIGH] CVE-2022-28631: A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete l
nvd
CVE-2022-28627P3HIGHCVSS 8.4fixed in 2.712022-08-12
CVE-2022-28627 [HIGH] CVE-2022-28627: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnera
nvd
CVE-2022-28628P3HIGHCVSS 8.4fixed in 2.712022-08-12
CVE-2022-28628 [HIGH] CVE-2022-28628: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnera
nvd
CVE-2022-28629P3HIGHCVSS 7.8fixed in 2.712022-08-12
CVE-2022-28629 [HIGH] CVE-2022-28629: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulner
nvd
CVE-2022-28638P3HIGHCVSS 7.8fixed in 2.722022-09-20
CVE-2022-28638 [HIGH] CWE-200 CVE-2022-28638: An isolated local disclosure of information and potential isolated local arbitrary code execution vu
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights
nvd
CVE-2022-28637P3HIGHCVSS 7.8fixed in 2.722022-09-20
CVE-2022-28637 [HIGH] CVE-2022-28637: A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentia
A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these sec
nvd
CVE-2022-28635P3HIGHCVSS 7.4fixed in 2.712022-08-12
CVE-2022-28635 [HIGH] CVE-2022-28635: A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss
nvd
CVE-2022-28636P3HIGHCVSS 7.4fixed in 2.712022-08-12
CVE-2022-28636 [HIGH] CVE-2022-28636: A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss
nvd
CVE-2022-28630P3HIGHCVSS 7.3fixed in 2.712022-08-12
CVE-2022-28630 [HIGH] CVE-2022-28630: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial loss of availability. User interaction is required to explo
nvd
CVE-2022-28633P3HIGHCVSS 7.3fixed in 2.712022-08-12
CVE-2022-28633 [HIGH] CVE-2022-28633: A local disclosure of sensitive information and a local unauthorized data modification vulnerability
A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file system resulting in a complete loss of confidentiality and a p
nvd
CVE-2023-30911P4HIGHCVSS 7.5fixed in 2.982023-10-18
CVE-2023-30911 [HIGH] CVE-2023-30911: HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
nvd
CVE-2022-28626P4MEDIUMCVSS 6.7fixed in 2.712022-08-12
CVE-2022-28626 [MEDIUM] CVE-2022-28626: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this v
nvd
CVE-2022-28634P4MEDIUMCVSS 6.7fixed in 2.712022-08-12
CVE-2022-28634 [MEDIUM] CVE-2022-28634: A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this v
nvd