Vulnerabilities > CVE-2014-2601 - Unspecified vulnerability in HP Integrated Lights-Out 2 Firmware

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
hp
nessus
NVD
Published: 2014-04-24
Updated: 2024-11-21

Summary

The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.

Vulnerable Configurations

Part Description Count
OS
Hp
12

Nessus

  • NASL familyCGI abuses
    NASL idILO_V2_DOS.NASL
    descriptionAccording to its version number, the remote HP Integrated Lights-Out 2 (iLO 2) server is affected by a denial of service vulnerability. While iLO 2 is not affected by the Heartbleed vulnerability, network traffic from generated by tools used to test for that may cause this device to crash.
    last seen2020-06-01
    modified2020-06-02
    plugin id73918
    published2014-05-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/73918
    titleHP iLO 2 <= 2.23 DoS
  • NASL familyCGI abuses
    NASL idILO_HPSBHF_03006.NASL
    descriptionA denial of service (DoS) vulnerability exists in Integrated Lights-Out (iLO) 2 due to incorrect handling of https traffic. An unauthenticated, remote attacker can exploit this issue to cause the application to stop responding.
    last seen2020-06-01
    modified2020-06-02
    plugin id122257
    published2019-02-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122257
    titleiLO 2 <= 2.23 Denial of Service Vulnerability

References