Vulnerabilities > CVE-2018-7101 - Unspecified vulnerability in HP products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.
Vulnerable Configurations
Nessus
NASL family | CGI abuses |
NASL id | ILO_HPESBHF_03844.NASL |
description | According to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by multiple vulnerabilities: - A remote command execution vulnerability exists in HP Integrated Lights-Out (iLO) server due to an unspecified reason. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands on the server (CVE-2018-7078). - A denial of service (DoS) vulnerability exists in HP Integrated Lights-Out (iLO) server due to unspecified reason. An unauthenticated, remote attacker can exploit this issue to cause the application to stop responding (CVE-2018-7101). |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 122032 |
published | 2019-02-08 |
reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/122032 |
title | iLO 4 < 2.60 / iLO 5 < 1.30 Multiple Vulnerabilities |