Vulnerabilities > CVE-2018-7101 - Unspecified vulnerability in HP products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
hp
nessus

Summary

A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.

Nessus

NASL familyCGI abuses
NASL idILO_HPESBHF_03844.NASL
descriptionAccording to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by multiple vulnerabilities: - A remote command execution vulnerability exists in HP Integrated Lights-Out (iLO) server due to an unspecified reason. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands on the server (CVE-2018-7078). - A denial of service (DoS) vulnerability exists in HP Integrated Lights-Out (iLO) server due to unspecified reason. An unauthenticated, remote attacker can exploit this issue to cause the application to stop responding (CVE-2018-7101).
last seen2020-06-01
modified2020-06-02
plugin id122032
published2019-02-08
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/122032
titleiLO 4 < 2.60 / iLO 5 < 1.30 Multiple Vulnerabilities