Remote Denial of Service Vulnerability in HPE Integrated Lights-Out 3
CVE-2017-8987

8.6HIGH

Key Information:

Vendor: HP
Status: HP Integrated Lights-out 3 (ilo 3)
Vendor: CVE Published:; 6 August 2018

What is CVE-2017-8987?

A vulnerability exists in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 that allows for unauthenticated remote denial of service attacks. This weakness can potentially disrupt services by enabling remote attackers to affect the availability of the device. Users are encouraged to upgrade to version v1.89 or later to mitigate this risk. For further information, refer to HPE's official documentation and security advisory.

Affected Version(s)

HPE Integrated Lights-Out 3 (iLO 3) v1.88 only

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1040429

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
May 15, 2017