Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-2338
cve-2013-2338
hp integrated lights-out
ilo3
ilo4
firmware
remote code execution
sso
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.8%
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
Affected configurations
Node
hpintegrated_lights-out_3_firmwareRange≤1.55
ORhpintegrated_lights-out_3_firmwareMatch1.00
ORhpintegrated_lights-out_3_firmwareMatch1.05
ORhpintegrated_lights-out_3_firmwareMatch1.20
ORhpintegrated_lights-out_3_firmwareMatch1.26
ORhpintegrated_lights-out_3_firmwareMatch1.28
ORhpintegrated_lights-out_3_firmwareMatch1.50
Node
hpintegrated_lights-out_4_firmwareRange≤1.20
ORhpintegrated_lights-out_4_firmwareMatch1.11
ORhpintegrated_lights-out_4_firmwareMatch1.13
Related
openvas
openvas
HP Integrated Lights-Out (iLO) Remote Unauthorized Access Vulnerability
2013-09-10 00:00:00
securityvulns
securityvulns
prion
prion
Code injection
2013-06-14 19:55:00
nvd
nvd
CVE-2013-2338
2013-06-14 19:55:01
nessus
nessus
iLO 3 < 1.57 / iLO 4 < 1.22 Unspecified Arbitrary Code Execution
2013-09-03 00:00:00
cvelist
cvelist
CVE-2013-2338
2022-10-03 16:15:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.8%
Related for CVE-2013-2338