How severe is CVE-2023-28092?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Vulnerability in Hewlett Packard Enterprise (Hpe) Hpe Proliant Rl300 Gen11

CVE-2023-28092

A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.

EPSS: 0.002 (15.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L.

Affected products

Hewlett Packard Enterprise (Hpe) Hpe Proliant Rl300 Gen11 — versions System ROM v1.12, and HPE Integrated Lights-Out 6 (iLO 6) v1.05
Hp Integrated_lights-out — versions 6
Hp Integrated_lights-out_firmware — versions 1.05
Hp Proliant_rl300 — versions gen_11
Hp Proliant_rl300_firmware — versions 1.12

References

security-alert@hpe.com (Vendor Advisory)

Frequently asked questions

What is CVE-2023-28092?: CVE-2023-28092 is a medium-severity vulnerability in Hewlett Packard Enterprise (Hpe) Hpe Proliant Rl300 Gen11. CVSS score: 6.1/10. Published 2023-05-01.
How severe is CVE-2023-28092?: Medium severity. CVSS v3 base score is 6.1 out of 10.