Overview
- Description
- A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance.
- Source
- security-alert@hpe.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEAD558D-7BE0-4739-94F8-61C291273A53"
},
{
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.81:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAACBE6E-9AB8-4AB1-A122-F1A6D294260C"
},
{
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "827C9C6D-3898-4475-8A48-D96286524162"
},
{
"criteria": "cpe:2.3:a:hp:ilo_amplifier_pack:1.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "093DA8C2-3D32-4BFA-BF8A-E8DFADC6D6C1"
}
],
"operator": "OR"
}
]
}
]