How severe is CVE-2018-7093?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Hewlett Packard Enterprise Ilo 5 For Hpe Gen10 Servers, 4, 3, Moonshot Chassis Management Firmware, Component Packs Proliant M510 And M710x Server Cartridges

CVE-2018-7093

A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to…

EPSS: 0.035 (87.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Hewlett Packard Enterprise Ilo 5 For Hpe Gen10 Servers, 4, 3, Moonshot Chassis Management Firmware, Component Packs Proliant M510 And M710x Server Cartridges — versions iLO 5 for HPE Gen10 Servers - Prior to v1.30, iLO 4 - Prior to v2.60, iLO 3 - Prior to v1.90, Moonshot Chassis Management Firmware - Prior to 1.58, Moonshot Component Packs - Prior to 2.55 for HPE ProLiant m510 and m710x server cartridges
Hp Integrated_lights-out
Hp Integrated_lights-out_3_firmware
Hp Integrated_lights-out_4_firmware
Hp Integrated_lights-out_5_firmware
Hp Moonshot_chassis_manager_firmware
Hp Moonshot_component_pack
Hp Moonshot_component_pack_firmware

References

security-alert@hpe.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
security-alert@hpe.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2018-7093?: CVE-2018-7093 is a high-severity vulnerability in Hewlett Packard Enterprise Ilo 5 For Hpe Gen10 Servers, 4, 3, Moonshot Chassis Management Firmware, Component Packs Proliant M510 And M710x Server Cartridges. CVSS score: 8.6/10. Published 2018-08-14.
How severe is CVE-2018-7093?: High severity. CVSS v3 base score is 8.6 out of 10.