Vulnerabilities > CVE-2013-4805 - Authentication Bypass vulnerability in HP Integrated Lights-Out

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

COMPLETE

network

low complexity

critical

NVD

Published: 2013-08-05

Updated: 2013-08-22

Summary

Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP Integrated Lights OUT Firmware 1.10 HP Integrated Lights OUT Firmware 1.15 HP Integrated Lights OUT Firmware 1.15A HP Integrated Lights OUT Firmware 1.16A HP Integrated Lights OUT Firmware 1.20A HP Integrated Lights OUT Firmware 1.26A HP Integrated Lights OUT Firmware 1.27A HP Integrated Lights OUT Firmware 1.40A HP Integrated Lights OUT Firmware 1.41A HP Integrated Lights OUT Firmware 1.42A HP Integrated Lights OUT Firmware 1.50 HP Integrated Lights OUT Firmware 1.50A HP Integrated Lights OUT Firmware 1.6A HP Integrated Lights OUT Firmware 1.51A	14

Summary

Vulnerable Configurations

References