A local arbitrary code execution vulnerability exists in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): before 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial loss of availability. User interaction is required to exploit this vulnerability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hpe integrated_lights-out_5_firmware |