Vulnerabilities > CVE-2016-4375 - Security vulnerability in HP products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

NVD

Published: 2016-09-08

Updated: 2016-11-28

Summary

Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP Integrated Lights OUT 3 Firmware 1.87 HP Integrated Lights OUT 4 Firmware 2.43 HP Integrated Lights OUT 4 Mrca Firmware 2.31	3
Hardware	Hp HP Integrated Lights OUT 3 - HP Integrated Lights OUT 4 -	2

References

http://www.securityfocus.com/bid/92484
http://www.securitytracker.com/id/1036629
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950