Remote Code Execution Vulnerability in HPE Integrated Lights-Out Products
CVE-2018-7078
7.2HIGH
Key Information:
- Vendor
HP
- Vendor
- CVE Published:
- 6 August 2018
What is CVE-2018-7078?
A remote code execution vulnerability exists in HPE Integrated Lights-Out (iLO) versions prior to v2.60 for iLO 4 and v1.30 for iLO 5. This flaw can allow an attacker to execute arbitrary code on the affected devices, which may compromise the security of the entire environment. Users are urged to update their iLO firmware to mitigate potential risks associated with this vulnerability.
Affected Version(s)
HPE Integrated Lights-Out 4 (iLO 4), HPE Integrated Lights-Out 5 (iLO 5) iLO 4 earlier than version v2.60, iLO 5 earlier than version v1.30