CVE-2016-4375
CRITICALHPE iLO <1.88-2.44 - Info Disclosure/Privilege Escalation/DoS
Title source: llmDescription
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036629
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92484
Vendor Advisory x_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05236950
Scores
CVSS v3
9.8
EPSS
0.0185
EPSS Percentile
83.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (3)
hp/integrated_lights-out_3_firmware
1.87
hp/integrated_lights-out_4_firmware
2.43
hp/integrated_lights-out_4_mrca_firmware
2.31
Published
Sep 08, 2016
Tracked Since
Feb 18, 2026