CVE-2013-2338

Published Jun 14, 2013

Last updated 5 years ago

Overview

Description: Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
Source: hp-security-alert@hp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C8A8AC2-5764-4206-8D89-376E4311F257",
            "versionEndIncluding": "1.55"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C400697-E7FB-4EF4-AF0A-060E2E4193C4"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2087DC1D-9290-4238-AFF7-1E59FAAACF01"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8B05ECC-AA89-4594-8391-AEE5D52F93C8"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F3E02AB-F3E9-4092-AECA-2F7F8FD87A58"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "457C1F21-3DAA-40E1-8D40-52E496AA7103"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B404FDB-DBE5-41E9-9C09-F3DAC309F519"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2CDC3A7-2399-4847-9795-E6212CB42E62",
            "versionEndIncluding": "1.20"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75257143-4C7C-4F10-93D7-0422C519B74A"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09EA57F3-95A0-4EBB-97AC-53F829064F5E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References