Vulnerability in Hewlett Packard Enterprise Integrated Lights-out 4 (Ilo 4)
CVE-2017-12542
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
EPSS: 0.943 (99.9th percentile) — read the EPSS interpretation.
Affected products
- Hewlett Packard Enterprise Integrated Lights-out 4 (Ilo 4) — versions Prior to 2.53
Public proof-of-concept exploits
References
- 100467 (vdb-entry, x_refsource_BID)
- 1039222 (vdb-entry, x_refsource_SECTRACK)
- 44005 (exploit, x_refsource_EXPLOIT-DB)
- support.hpe.com/hpsc/doc/public/display (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2017-12542?
- CVE-2017-12542 is a vulnerability in Hewlett Packard Enterprise Integrated Lights-out 4 (Ilo 4). Published 2018-02-15.
- Is CVE-2017-12542 known to be exploited?
- 34 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.