CVE-2019-11983

Published: Jun 5, 2019Modified: Nov 21, 2024

7.0

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Exploitability: 2.2 / Impact: 4.7

Source: NVD

Description

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.

Affected (2)

Products: Hp: Integrated Lights Out 5 Firmware, Integrated Lights Out 4 Firmware

2 products

Integrated Lights Out 5 Firmware

Integrated Lights Out 4 Firmware

Configuration A

1 vulnerable · 18 platform

Vulnerable Software	Affected Versions
Hp Integrated Lights Out 5 Firmware	Up to 1.39

Running on/with	Platform Versions
Hp Proliant Bl460c Gen10	All versions
Hp Proliant Dl120 Gen10	All versions
Hp Proliant Dl160 Gen10	All versions
Hp Proliant Dl180 Gen10	All versions
Hp Proliant Dl20 Gen10	All versions
Hp Proliant Dl325 Gen10	All versions
Hp Proliant Dl360 Gen10	All versions
Hp Proliant Dl380 Gen10	All versions
Hp Proliant Dl385 Gen10	All versions
Hp Proliant Dl560 Gen10	All versions
Hp Proliant Dl580 Gen10	All versions
Hp Proliant Microserver Gen10	All versions
Hp Proliant Ml110 Gen10	All versions
Hp Proliant Ml350 Gen10	All versions
Hp Proliant Xl170r Gen10	All versions
Hp Proliant Xl190r Gen10	All versions
Hp Proliant Xl230k Gen10	All versions
Hp Proliant Xl450 Gen10	All versions

Configuration B

1 vulnerable · 19 platform

Vulnerable Software	Affected Versions
Hp Integrated Lights Out 4 Firmware	Up to 2.61b

Running on/with	Platform Versions
Hp Proliant Bl460c Gen9	All versions
Hp Proliant Dl120 Gen9	All versions
Hp Proliant Dl180 Gen9	All versions
Hp Proliant Dl360 Gen9	All versions
Hp Proliant Dl380 Gen9	All versions
Hp Proliant Dl580 Gen9	All versions
Hp Proliant Ml10 Gen9	Version 2
Hp Proliant Ml110 Gen9	All versions
Hp Proliant Ml150 Gen9	All versions
Hp Proliant Ml30 Gen9	Version 2
Hp Proliant Ml350 Gen9	All versions
Hp Proliant Ws460c Gen9	All versions
Hp Proliant Xl170r Gen9	All versions
Hp Proliant Xl190r Gen9	All versions
Hp Proliant Xl230a Gen9	All versions
Hp Proliant Xl250a Gen9	All versions
Hp Proliant Xl730f Gen9	All versions
Hp Proliant Xl740f Gen9	All versions
Hp Proliant Xl750f Gen9	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us

Source: security-alert@hpe.com

Vendor Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.