Description
A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). The issue is resolved in iLOREST v2.1 or subsequent versions.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03796en_us
Scores
CVSS v3
7.8
EPSS
0.0066
EPSS Percentile
71.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
hp/restful_interface_tool
1.5
hp/restful_interface_tool
2.0
Published
Aug 06, 2018
Tracked Since
Feb 18, 2026