Hp - Integrated Lights-out 3 CVE

Filtered by vendor Hp Subscribe

Filtered by product Integrated Lights-out 3

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-4379	1 Hp	2 Integrated Lights-out 3, Integrated Lights-out 3 Firmware	2016-11-28	4.3 MEDIUM	3.7 LOW
The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack.

Vulnerabilities (CVE)