Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ILO_HPESBHF_03769.NASLHistoryFeb 11, 2019 - 12:00 a.m.
iLO 4 < 2.53 Remote Code Execution Vulnerability
2019-02-1100:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
387
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
A remote command execution vulnerability exists in Integrated Lights-Out 4 (iLO 4) due to a buffer overflow in the server’s http connection handling code. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(122095);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/05/18");
script_cve_id("CVE-2017-12542");
script_name(english:"iLO 4 < 2.53 Remote Code Execution Vulnerability");
script_summary(english:"Checks version of HP Integrated Lights-Out (iLO).");
script_set_attribute(attribute:"synopsis", value:
"The remote HP Integrated Lights-Out (iLO) server's web interface is
affected by a remote code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"A remote command execution vulnerability exists in Integrated
Lights-Out 4 (iLO 4) due to a buffer overflow in the server's http
connection handling code. An unauthenticated, remote attacker can
exploit this to bypass authentication and execute arbitrary commands.");
# https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fd1b001e");
script_set_attribute(attribute:"solution", value:
"Upgrade firmware of HP Integrated Lights-Out 4 (iLO 4) to 2.53, or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-12542");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/24");
script_set_attribute(attribute:"patch_publication_date", value:"2017/05/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/11");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:integrated_lights-out_firmware");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ilo_detect.nasl");
script_require_keys("www/ilo", "ilo/generation", "ilo/firmware");
script_require_ports("Services/www", 80);
exit(0);
}
include('http.inc');
include('vcf.inc');
include('vcf_extras.inc');
var port = get_http_port(default:80, embedded: TRUE);
var app_info = vcf::get_app_info(app:'ilo', port:port, webapp:TRUE);
vcf::ilo::check_superdome(audit:TRUE);
var constraints = [{'generation': '4', 'fixed_version':'2.53'}];
vcf::ilo::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | integrated_lights-out_firmware | cpe:/o:hp:integrated_lights-out_firmware |
Related
prion
prion
Design/Logic Flaw
2018-02-15 22:29:00
nuclei
nuclei
HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass
2021-03-23 11:26:08
packetstorm
packetstorm
HPE iLO4 Add New Administrator User
2018-02-08 00:00:00
checkpoint_advisories
checkpoint_advisories
HPE Lights-Out Authentication Bypass (CVE-2017-12542)
2018-11-22 00:00:00
HPE Integrated Lights-Out 4 Authentication Bypass (CVE-2017-12542)
2018-07-08 00:00:00
cve
cve
CVE-2017-12542
2018-02-15 22:29:04
nvd
nvd
CVE-2017-12542
2018-02-15 22:29:04
canvas
canvas
Immunity Canvas: HPE_ILO4_ADDNEWADMIN
2018-02-15 22:29:00
attackerkb
attackerkb
CVE-2017-12542
2018-02-15 00:00:00
exploitpack
exploitpack
HPE iLO 4 2.53 - Add New Administrator User
2018-02-05 00:00:00
cvelist
cvelist
CVE-2017-12542
2017-08-24 00:00:00
zdt
zdt
HPE iLO4 < 2.53 - Add New Administrator User Exploit
2018-02-08 00:00:00
seebug
seebug
nessus
nessus
HP iLO 4 <= 2.52 RCE
2017-08-28 00:00:00
openvas
openvas
HP Integrated Lights-Out (iLO) 4 Multiple Remote Vulnerabilities
2017-08-25 00:00:00
exploitdb
exploitdb
HPE iLO 4 < 2.53 - Add New Administrator User
2018-02-05 00:00:00
kitploit
kitploit
Shodan Dorks
2024-03-18 11:30:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
0.972 High
EPSS
Percentile
99.8%
Related for ILO_HPESBHF_03769.NASL