CVE-2014-2601

Published Apr 24, 2014

Last updated 11 years ago

Overview

Description: The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
Source: hp-security-alert@hp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1EDF7C7-A610-4B0B-8265-14961F013DFD",
            "versionEndIncluding": "2.23"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34DDCA00-2FA2-4F2F-81DA-144C17E6C99A"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FE365DA-71B8-4F6F-B900-41FC66553704"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D69A3CD-F64B-4634-8A6C-FE89172A2B85"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4665B2DE-C3AE-4301-B8F6-73D3A2C3566E"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ABE54CE-479B-450C-B579-C2C5A3FE9AC4"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:1.75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24B1E9AC-FAA3-4DE7-9B57-EAF8F447259D"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58E33A5F-102E-43CA-BBD0-0E824FE3EABC"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "635FA4AF-7C55-4CCD-815A-AB4A122FC161"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED76533D-0CE7-4858-BBB5-847E4659365F"
          },
          {
            "criteria": "cpe:2.3:o:hp:integrated_lights-out_2_firmware:2.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF96ECBC-1312-4F8A-9B12-D13A55ED4873"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References