8.3
CVE-2019-11982
- EPSS 0.6%
- Veröffentlicht 05.06.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:22:06
- Quelle security-alert@hpe.com
- Teams Watchlist Login
- Unerledigt Login
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Integrated Lights-out 5 Firmware Version <= 1.39
Hp ≫ Proliant Bl460c Gen10 Version-
Hp ≫ Proliant Dl120 Gen10 Version-
Hp ≫ Proliant Dl160 Gen10 Version-
Hp ≫ Proliant Dl180 Gen10 Version-
Hp ≫ Proliant Dl20 Gen10 Version-
Hp ≫ Proliant Dl325 Gen10 Version-
Hp ≫ Proliant Dl360 Gen10 Version-
Hp ≫ Proliant Dl380 Gen10 Version-
Hp ≫ Proliant Dl385 Gen10 Version-
Hp ≫ Proliant Dl560 Gen10 Version-
Hp ≫ Proliant Dl580 Gen10 Version-
Hp ≫ Proliant Microserver Gen10 Version-
Hp ≫ Proliant Ml110 Gen10 Version-
Hp ≫ Proliant Ml350 Gen10 Version-
Hp ≫ Proliant Xl170r Gen10 Version-
Hp ≫ Proliant Xl190r Gen10 Version-
Hp ≫ Proliant Xl230k Gen10 Version-
Hp ≫ Proliant Xl450 Gen10 Version-
Hp ≫ Proliant Dl120 Gen10 Version-
Hp ≫ Proliant Dl160 Gen10 Version-
Hp ≫ Proliant Dl180 Gen10 Version-
Hp ≫ Proliant Dl20 Gen10 Version-
Hp ≫ Proliant Dl325 Gen10 Version-
Hp ≫ Proliant Dl360 Gen10 Version-
Hp ≫ Proliant Dl380 Gen10 Version-
Hp ≫ Proliant Dl385 Gen10 Version-
Hp ≫ Proliant Dl560 Gen10 Version-
Hp ≫ Proliant Dl580 Gen10 Version-
Hp ≫ Proliant Microserver Gen10 Version-
Hp ≫ Proliant Ml110 Gen10 Version-
Hp ≫ Proliant Ml350 Gen10 Version-
Hp ≫ Proliant Xl170r Gen10 Version-
Hp ≫ Proliant Xl190r Gen10 Version-
Hp ≫ Proliant Xl230k Gen10 Version-
Hp ≫ Proliant Xl450 Gen10 Version-
Hp ≫ Integrated Lights-out 4 Firmware Version <= 2.61b
Hp ≫ Proliant Bl460c Gen9 Version-
Hp ≫ Proliant Dl120 Gen9 Version-
Hp ≫ Proliant Dl180 Gen9 Version-
Hp ≫ Proliant Dl360 Gen9 Version-
Hp ≫ Proliant Dl380 Gen9 Version-
Hp ≫ Proliant Dl580 Gen9 Version-
Hp ≫ Proliant Ml10 Gen9 Version2
Hp ≫ Proliant Ml110 Gen9 Version-
Hp ≫ Proliant Ml150 Gen9 Version-
Hp ≫ Proliant Ml30 Gen9 Version2
Hp ≫ Proliant Ml350 Gen9 Version-
Hp ≫ Proliant Ws460c Gen9 Version-
Hp ≫ Proliant Xl170r Gen9 Version-
Hp ≫ Proliant Xl190r Gen9 Version-
Hp ≫ Proliant Xl230a Gen9 Version-
Hp ≫ Proliant Xl250a Gen9 Version-
Hp ≫ Proliant Xl730f Gen9
Hp ≫ Proliant Xl740f Gen9 Version-
Hp ≫ Proliant Xl750f Gen9 Version-
Hp ≫ Proliant Dl120 Gen9 Version-
Hp ≫ Proliant Dl180 Gen9 Version-
Hp ≫ Proliant Dl360 Gen9 Version-
Hp ≫ Proliant Dl380 Gen9 Version-
Hp ≫ Proliant Dl580 Gen9 Version-
Hp ≫ Proliant Ml10 Gen9 Version2
Hp ≫ Proliant Ml110 Gen9 Version-
Hp ≫ Proliant Ml150 Gen9 Version-
Hp ≫ Proliant Ml30 Gen9 Version2
Hp ≫ Proliant Ml350 Gen9 Version-
Hp ≫ Proliant Ws460c Gen9 Version-
Hp ≫ Proliant Xl170r Gen9 Version-
Hp ≫ Proliant Xl190r Gen9 Version-
Hp ≫ Proliant Xl230a Gen9 Version-
Hp ≫ Proliant Xl250a Gen9 Version-
Hp ≫ Proliant Xl730f Gen9
Hp ≫ Proliant Xl740f Gen9 Version-
Hp ≫ Proliant Xl750f Gen9 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.6% | 0.686 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.3 | 1.6 | 6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 7.6 | 4.9 | 10 |
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.