What is CVE-2023-28083?

CVE-2023-28083 is a high-severity vulnerability in Hp Integrated_lights-out_4, classified under Cross-site Scripting. CVSS score: 8.3/10. Published 2023-03-22.

How severe is CVE-2023-28083?

High severity. CVSS v3 base score is 8.3 out of 10.

XSS in Hp Integrated_lights-out_4

CVE-2023-28083

A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (35.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L.

Affected products

Hp Integrated_lights-out_4
Hp Integrated_lights-out_5
Hp Integrated_lights-out_6
Hpe Apollo_4200_gen10_plus_system
Hpe Apollo_4200_gen10_server
Hpe Apollo_4200_gen9_server
Hpe Apollo_4510_gen10_system
Hpe Apollo_6500_gen10_plus_system
Hpe Apollo_6500_gen10_system
Hpe Apollo_n2600_gen10_plus

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

security-alert@hpe.com (Vendor Advisory)

Frequently asked questions

What is CVE-2023-28083?: CVE-2023-28083 is a high-severity vulnerability in Hp Integrated_lights-out_4, classified under Cross-site Scripting. CVSS score: 8.3/10. Published 2023-03-22.
How severe is CVE-2023-28083?: High severity. CVSS v3 base score is 8.3 out of 10.