CVE-2013-2338
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/06/2013
Last modified:
11/04/2025
Description
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:*:*:*:*:*:*:*:* | 1.55 (including) | |
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.00:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.05:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.20:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.26:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.28:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_3_firmware:1.50:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:* | 1.20 (including) | |
| cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.11:*:*:*:*:*:*:* | ||
| cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.13:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03787836