iLO 3 < 1.65 / iLO 4 < 1.32 Multiple Vulnerabilities
Medium Nessus Plugin ID 71494
SynopsisThe remote HP Integrated Lights-Out (iLO) server's web interface is affected by multiple vulnerabilities.
DescriptionAccording to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by the following vulnerabilities :
- An unspecified error exists that could allow cross- site scripting attacks. (CVE-2013-4842 / SSRT101323)
- An unspecified error exists that could allow an attacker to obtain sensitive information.
(CVE-2013-4843 / SSRT101326)
SolutionFor HP Integrated Lights-Out (iLO) 3 upgrade firmware to 1.65 or later. For iLO 4, upgrade firmware to 1.32 or later.