Remote Denial of Service Vulnerability in HP Integrated Lights-Out 2
CVE-2014-2601

Currently unrated

Key Information:

Vendor

HP
Status
Integrated Lights-out 2 Firmware
Vendor
CVE Published:
24 April 2014

What is CVE-2014-2601?

The HP Integrated Lights-Out 2 (iLO 2) version 2.23 and earlier is susceptible to a remote denial of service attack. Maliciously crafted HTTPS traffic can be sent to the server, leading to service disruptions. This vulnerability demonstrates a potential attack vector that can impact the availability of the iLO 2 management interface, requiring proper security measures to mitigate the risk of exploitation.

References

https://isc.sans.edu/forums/diary/Be+Careful+what+you+Sca...
x_refsource_MISC
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...
vendor-advisoryx_refsource_HP
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...
vendor-advisoryx_refsource_HP

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2014-2601 : Remote Denial of Service Vulnerability in HP Integrated Lights-Out 2