Vulnerabilities > CVE-2013-4843 - Unspecified vulnerability in HP products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
hp
nessus

Summary

Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.

Nessus

  • NASL familyCGI abuses
    NASL idILO_1_32__1_65.NASL
    descriptionAccording to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by the following vulnerabilities : - An unspecified error exists that could allow cross- site scripting attacks. (CVE-2013-4842 / SSRT101323) - An unspecified error exists that could allow an attacker to obtain sensitive information. (CVE-2013-4843 / SSRT101326)
    last seen2020-06-01
    modified2020-06-02
    plugin id71494
    published2013-12-17
    reporterThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/71494
    titleiLO 3 < 1.65 / iLO 4 < 1.32 Multiple Vulnerabilities
  • NASL familyCGI abuses
    NASL idILO_HPSBHF_02939.NASL
    descriptionAccording to its version number, the firmware of Integrated Lights-Out running on the remote web server is iLO 3 prior to 1.65 or iLO 4 prior to 1.32. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user
    last seen2020-06-01
    modified2020-06-02
    plugin id122188
    published2019-02-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122188
    titleiLO 3 < 1.65 / iLO 4 < 1.32 Multiple Vulnerabilities