Remote Multiple Vulnerabilities – HPE iLO
What’s the security issue?
New security issue has been detected on HPE iLO that allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
HPE asked customers to updated their iLO to preventing any remote attack. The below iLO versions are impacted:
- HP Integrated Lights-Out 3 (iLO 3), Firmware for ProLiant G7 Servers prior to v1.88
- HP Integrated Lights-Out 4 (iLO 4), prior to v2.44
- HP iLO 4 mRCA prior to v2.32
What’s the solution?
Update iLO frimware is actually HPE solution for the Vulnerabilities:
- iLO 3 version v1.88 or subsequent
- iLO 4 version v2.44 or subsequent
- iLO 4 version v2.32 for mRCA Moonshot cartridge or subsequent
Read the below links for more information: