iLO 3 < 1.50 / iLO 4 < 1.13 Unspecified Information Disclosure

high Nessus Plugin ID 69816

Synopsis

The remote HP Integrated Lights-Out (iLO) server has an unspecified information disclosure vulnerability.

Description

According to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by an unspecified information disclosure vulnerability.

Solution

For HP Integrated Lights-Out (iLO) 3, upgrade firmware to 1.50 or later. For iLO 4, upgrade firmware to 1.13 or later.

See Also

http://www.nessus.org/u?2300d65c

Plugin Details

Severity: High

ID: 69816

File Name: ilo_info_disclosure.nasl

Version: 1.2

Type: remote

Family: Misc.

Published: 9/9/2013

Updated: 7/12/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:hp:integrated_lights-out_3_firmware, cpe:/o:hp:integrated_lights-out_4_firmware

Required KB Items: Settings/ParanoidReport, ilo/generation, ilo/firmware

Exploit Ease: No known exploits are available

Patch Publication Date: 10/26/2012

Vulnerability Publication Date: 11/19/2012

Reference Information

CVE: CVE-2012-3271

BID: 56597