HPE Integrated Lights-Out Multiple Remote Vulnerabilities

The HPE Integrated Lights-Out (iLO) is an embedded server management technology that is useful as an out-of-band management technology.

HPE iLO3 and HPE iLO4 contain multiple unspecified vulnerabilities that allow remote attackers to to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Affected Versions:
HPE Integrated Lights-Out 3 firmware versions prior to 1.88
HPE Integrated Lights-Out 4 firmware versions prior to 2.44
HPE Integrated Lights-Out 4 mRCA firmware versions prior to 2.32

A remote attacker could exploit these vulnerabilities to obtain sensitive information, modify data or cause a denial of service attack.

Customers are advised to visit c05236950 to remediate this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

c05236950