Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
30 vulnerabilities found for integrated_lights-out_4 by hp
CVE-2023-28083 (GCVE-0-2023-28083)
Vulnerability from nvd – Published: 2023-03-20 12:34 – Updated: 2025-02-26 19:17
VLAI?
Title
Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4).
Summary
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out.
Severity ?
8.3 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HPE | Integrated Lights-Out |
Affected:
Integrated Lights-Out 6 (iLO 6) , < 1.20
(1.20)
Affected: Integrated Lights-Out 5 (iLO 5) , < 2.78 (2.78) Affected: Integrated Lights-Out 4 (iLO 4) , < 2.82 (2.82) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:23.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04456en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T19:16:56.564415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T19:17:12.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Integrated Lights-Out",
"vendor": "HPE",
"versions": [
{
"lessThan": "1.20",
"status": "affected",
"version": "Integrated Lights-Out 6 (iLO 6)",
"versionType": "1.20"
},
{
"lessThan": "2.78",
"status": "affected",
"version": "Integrated Lights-Out 5 (iLO 5) ",
"versionType": "2.78"
},
{
"lessThan": "2.82",
"status": "affected",
"version": "Integrated Lights-Out 4 (iLO 4)",
"versionType": "2.82"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out."
}
],
"value": "A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-22T04:39:47.581Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04456en_us"
}
],
"source": {
"advisory": "HPESBHF04456",
"discovery": "UNKNOWN"
},
"title": "Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2023-28083",
"datePublished": "2023-03-20T12:34:16.606Z",
"dateReserved": "2023-03-10T14:47:44.211Z",
"dateUpdated": "2025-02-26T19:17:12.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23704 (GCVE-0-2022-23704)
Vulnerability from nvd – Published: 2022-05-09 20:17 – Updated: 2024-08-03 03:51
VLAI?
Summary
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.
Severity ?
No CVSS data available.
CWE
- remote denial of service (DoS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) |
Affected:
Prior to iLO 4 version 2.80
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to iLO 4 version 2.80"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote denial of service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T20:17:34.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2022-23704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "Prior to iLO 4 version 2.80"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote denial of service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2022-23704",
"datePublished": "2022-05-09T20:17:34.000Z",
"dateReserved": "2022-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:51:45.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29211 (GCVE-0-2021-29211)
Vulnerability from nvd – Published: 2021-05-25 14:11 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:09.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29211",
"datePublished": "2021-05-25T14:11:09.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29210 (GCVE-0-2021-29210)
Vulnerability from nvd – Published: 2021-05-25 14:11 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:03.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29210",
"datePublished": "2021-05-25T14:11:03.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29209 (GCVE-0-2021-29209)
Vulnerability from nvd – Published: 2021-05-25 14:32 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:49.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29209",
"datePublished": "2021-05-25T14:32:49.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29208 (GCVE-0-2021-29208)
Vulnerability from nvd – Published: 2021-05-25 14:32 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:42.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29208",
"datePublished": "2021-05-25T14:32:42.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29207 (GCVE-0-2021-29207)
Vulnerability from nvd – Published: 2021-05-25 13:53 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:29.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29207",
"datePublished": "2021-05-25T13:53:29.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29206 (GCVE-0-2021-29206)
Vulnerability from nvd – Published: 2021-05-25 13:53 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:25.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29206",
"datePublished": "2021-05-25T13:53:25.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29205 (GCVE-0-2021-29205)
Vulnerability from nvd – Published: 2021-05-25 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:43.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29205",
"datePublished": "2021-05-25T13:37:43.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29204 (GCVE-0-2021-29204)
Vulnerability from nvd – Published: 2021-05-25 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:40.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29204",
"datePublished": "2021-05-25T13:37:40.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29202 (GCVE-0-2021-29202)
Vulnerability from nvd – Published: 2021-05-25 13:24 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- local buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:50.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:19.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29202",
"datePublished": "2021-05-25T13:24:19.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:50.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29201 (GCVE-0-2021-29201)
Vulnerability from nvd – Published: 2021-05-25 13:24 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:14.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29201",
"datePublished": "2021-05-25T13:24:14.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7202 (GCVE-0-2020-7202)
Vulnerability from nvd – Published: 2021-01-05 14:08 – Updated: 2024-08-04 09:25
VLAI?
Summary
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information.
Severity ?
No CVSS data available.
CWE
- Remote disclosure of information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4) |
Affected:
Prior to iLO 5 v2.31
Affected: Prior to iLO 4 v2.76 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to iLO 5 v2.31"
},
{
"status": "affected",
"version": "Prior to iLO 4 v2.76"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-05T14:08:28.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2020-7202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "Prior to iLO 5 v2.31"
},
{
"version_value": "Prior to iLO 4 v2.76"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2020-7202",
"datePublished": "2021-01-05T14:08:28.000Z",
"dateReserved": "2020-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:25:48.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4843 (GCVE-0-2013-4843)
Vulnerability from nvd – Published: 2013-11-16 02:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4843",
"datePublished": "2013-11-16T02:00:00.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T21:08:14.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4842 (GCVE-0-2013-4842)
Vulnerability from nvd – Published: 2013-11-16 02:00 – Updated: 2024-09-16 19:25
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4842",
"datePublished": "2013-11-16T02:00:00.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:25:11.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28083 (GCVE-0-2023-28083)
Vulnerability from cvelistv5 – Published: 2023-03-20 12:34 – Updated: 2025-02-26 19:17
VLAI?
Title
Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4).
Summary
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out.
Severity ?
8.3 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HPE | Integrated Lights-Out |
Affected:
Integrated Lights-Out 6 (iLO 6) , < 1.20
(1.20)
Affected: Integrated Lights-Out 5 (iLO 5) , < 2.78 (2.78) Affected: Integrated Lights-Out 4 (iLO 4) , < 2.82 (2.82) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:23.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04456en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T19:16:56.564415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T19:17:12.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Integrated Lights-Out",
"vendor": "HPE",
"versions": [
{
"lessThan": "1.20",
"status": "affected",
"version": "Integrated Lights-Out 6 (iLO 6)",
"versionType": "1.20"
},
{
"lessThan": "2.78",
"status": "affected",
"version": "Integrated Lights-Out 5 (iLO 5) ",
"versionType": "2.78"
},
{
"lessThan": "2.82",
"status": "affected",
"version": "Integrated Lights-Out 4 (iLO 4)",
"versionType": "2.82"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out."
}
],
"value": "A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-22T04:39:47.581Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbhf04456en_us"
}
],
"source": {
"advisory": "HPESBHF04456",
"discovery": "UNKNOWN"
},
"title": "Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2023-28083",
"datePublished": "2023-03-20T12:34:16.606Z",
"dateReserved": "2023-03-10T14:47:44.211Z",
"dateUpdated": "2025-02-26T19:17:12.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23704 (GCVE-0-2022-23704)
Vulnerability from cvelistv5 – Published: 2022-05-09 20:17 – Updated: 2024-08-03 03:51
VLAI?
Summary
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.
Severity ?
No CVSS data available.
CWE
- remote denial of service (DoS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) |
Affected:
Prior to iLO 4 version 2.80
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to iLO 4 version 2.80"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote denial of service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T20:17:34.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2022-23704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "Prior to iLO 4 version 2.80"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote denial of service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04240en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2022-23704",
"datePublished": "2022-05-09T20:17:34.000Z",
"dateReserved": "2022-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:51:45.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29209 (GCVE-0-2021-29209)
Vulnerability from cvelistv5 – Published: 2021-05-25 14:32 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:49.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29209",
"datePublished": "2021-05-25T14:32:49.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29208 (GCVE-0-2021-29208)
Vulnerability from cvelistv5 – Published: 2021-05-25 14:32 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:32:42.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29208",
"datePublished": "2021-05-25T14:32:42.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29211 (GCVE-0-2021-29211)
Vulnerability from cvelistv5 – Published: 2021-05-25 14:11 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:09.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29211",
"datePublished": "2021-05-25T14:11:09.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29210 (GCVE-0-2021-29210)
Vulnerability from cvelistv5 – Published: 2021-05-25 14:11 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote dom xss, crlf injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote dom xss, crlf injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T14:11:03.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote dom xss, crlf injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29210",
"datePublished": "2021-05-25T14:11:03.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29207 (GCVE-0-2021-29207)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:53 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:29.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29207",
"datePublished": "2021-05-25T13:53:29.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29206 (GCVE-0-2021-29206)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:53 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:53:25.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29206",
"datePublished": "2021-05-25T13:53:25.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29205 (GCVE-0-2021-29205)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:43.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29205",
"datePublished": "2021-05-25T13:37:43.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29204 (GCVE-0-2021-29204)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:37:40.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29204",
"datePublished": "2021-05-25T13:37:40.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29202 (GCVE-0-2021-29202)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:24 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- local buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:50.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:19.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29202",
"datePublished": "2021-05-25T13:24:19.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:50.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29201 (GCVE-0-2021-29201)
Vulnerability from cvelistv5 – Published: 2021-05-25 13:24 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Severity ?
No CVSS data available.
CWE
- remote xss
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers |
Affected:
Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78
Affected: Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"status": "affected",
"version": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote xss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-25T13:24:14.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2021-29201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers",
"version": {
"version_data": [
{
"version_value": "Prior to HPE Integrated Lights-Out 4 (iLO 4) version 2.78"
},
{
"version_value": "Prior to HPE Integrated Lights-Out 5 (iLO 5) version 2.44"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote xss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04134en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2021-29201",
"datePublished": "2021-05-25T13:24:14.000Z",
"dateReserved": "2021-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:02:51.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7202 (GCVE-0-2020-7202)
Vulnerability from cvelistv5 – Published: 2021-01-05 14:08 – Updated: 2024-08-04 09:25
VLAI?
Summary
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information.
Severity ?
No CVSS data available.
CWE
- Remote disclosure of information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4) |
Affected:
Prior to iLO 5 v2.31
Affected: Prior to iLO 4 v2.76 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to iLO 5 v2.31"
},
{
"status": "affected",
"version": "Prior to iLO 4 v2.76"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-05T14:08:28.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2020-7202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE ProLiant Servers, Apollo Products, Converged Systems, and Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5), or Integrated Lights-Out 4 (iLO 4)",
"version": {
"version_data": [
{
"version_value": "Prior to iLO 5 v2.31"
},
{
"version_value": "Prior to iLO 4 v2.76"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04069en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2020-7202",
"datePublished": "2021-01-05T14:08:28.000Z",
"dateReserved": "2020-01-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:25:48.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4843 (GCVE-0-2013-4843)
Vulnerability from cvelistv5 – Published: 2013-11-16 02:00 – Updated: 2024-09-16 21:08
VLAI?
Summary
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101326",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4843",
"datePublished": "2013-11-16T02:00:00.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T21:08:14.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4842 (GCVE-0-2013-4842)
Vulnerability from cvelistv5 – Published: 2013-11-16 02:00 – Updated: 2024-09-16 19:25
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T02:00:00.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF02939",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF02939",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
},
{
"name": "SSRT101323",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03996804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4842",
"datePublished": "2013-11-16T02:00:00.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:25:11.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}