Vulnerabilities > HP > Integrated Lights OUT 3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-09-08 | CVE-2016-4379 | Cryptographic Issues vulnerability in HP Integrated Lights-Out 3 Firmware The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. | 4.3 |
2016-09-08 | CVE-2016-4375 | Security vulnerability in HP products Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | 7.5 |