Vulnerabilities > HP > Integrated Lights OUT 5 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-12 | CVE-2021-46846 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 5 Firmware 1.30/1.37/1.40 Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5. | 6.1 |
| 2019-06-05 | CVE-2019-11983 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. | 8.3 |
| 2019-06-05 | CVE-2019-11982 | Cross-site Scripting vulnerability in HP products A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. | 7.6 |
| 2019-04-09 | CVE-2018-7117 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 5 Firmware A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version v1.40. | 4.3 |
| 2018-12-03 | CVE-2018-7113 | Unspecified vulnerability in HP Integrated Lights-Out 5 Firmware A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. | 7.2 |
| 2018-09-27 | CVE-2018-7105 | Unspecified vulnerability in HP products A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. | 9.0 |
| 2018-09-27 | CVE-2018-7101 | Unspecified vulnerability in HP products A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. | 5.0 |
| 2018-08-14 | CVE-2018-7093 | Unspecified vulnerability in HP products A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. | 7.8 |
| 2018-08-06 | CVE-2018-7078 | Unspecified vulnerability in HP products A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. | 9.0 |