Vulnerabilities > HP > Integrated Lights OUT 5

DATE CVE VULNERABILITY TITLE RISK
2023-03-22 CVE-2023-28083 Cross-site Scripting vulnerability in HP products
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4).
network
low complexity
hp CWE-79
5.4
2021-05-25 CVE-2021-29208 Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-74
4.8
2021-05-25 CVE-2021-29209 Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-74
4.8
2021-05-25 CVE-2021-29210 Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-74
4.8
2021-05-25 CVE-2021-29211 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29201 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29202 Classic Buffer Overflow vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
local
low complexity
hp CWE-120
6.7
2021-05-25 CVE-2021-29204 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29205 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29206 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
network
low complexity
hp CWE-79
4.8