CVE-2022-23704 - Vulnerability Details

A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Integrated Lights-out 4
Hpe	Apollo 4200 Gen9 Server Proliant Bl420c Gen8 Server Proliant Bl460c Gen8 Server Blade Proliant Bl460c Gen9 Server Blade Proliant Bl465c Gen8 Server Blade Proliant Bl660c Gen8 Server Blade Proliant Bl660c Gen9 Server Proliant Dl120 Gen9 Server Proliant Dl160 Gen8 Server Proliant Dl160 Gen9 Server Proliant Dl180 Gen9 Server Proliant Dl20 Gen9 Server Proliant Dl320e Gen8 Server Proliant Dl320e Gen8 V2 Server Proliant Dl360 Gen9 Server Proliant Dl360e Gen8 Server Proliant Dl360p Gen8 Server Proliant Dl380 Gen9 Server Proliant Dl380e Gen8 Server Proliant Dl380p Gen8 Server Proliant Dl385p Gen8 Proliant Dl560 Gen8 Server Proliant Dl560 Gen9 Server Proliant Dl580 Gen8 Server Proliant Dl580 Gen9 Server Proliant Dl60 Gen9 Server Proliant Dl80 Gen9 Server Proliant Ec200a Server Proliant Microserver Gen8 Proliant Ml110 Gen9 Server Proliant Ml150 Gen9 Server Proliant Ml30 Gen9 Server Proliant Ml310e Gen8 Server Proliant Ml310e Gen8 V2 Server Proliant Ml350 Gen9 Server Proliant Ml350e Gen8 V2 Server Proliant Ml350p Gen8 Server Proliant Sl210t Gen8 Server Proliant Sl230s Gen8 Server Proliant Sl250s Gen8 Server Proliant Sl270s Gen8 Se Server Proliant Sl270s Gen8 Server Proliant Sl4540 Gen8 1 Node Server Proliant Ws460c Gen8 Graphics Server Blade Proliant Ws460c Gen9 Graphics Server Blade Proliant Xl170r Gen9 Server Proliant Xl190r Gen9 Server Proliant Xl220a Gen8 V2 Server Proliant Xl230a Gen9 Server Proliant Xl250a Gen9 Server Proliant Xl450 Gen9 Server Proliant Xl730f Gen9 Server Proliant Xl740f Gen9 Server Proliant Xl750f Gen9 Server Synergy 480 Gen9 Compute Module Synergy 620 Gen9 Compute Module Synergy 660 Gen9 Compute Module Synergy 680 Gen9 Compute Module

Configuration 1 [-]

AND

cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:hpe:apollo_4200_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_bl420c_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_bl460c_gen8_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_bl465c_gen8_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_bl660c_gen8_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl320e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl320e_gen8_v2_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl385p_gen8:-:::::::*
	cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ec200a_server:-:::::::*
	cpe:2.3:h:hpe:proliant_microserver_gen8:-:::::::*
	cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml310e_gen8_v2_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350e_gen8_v2_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl210t_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl270s_gen8_se_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:::::::*
	cpe:2.3:h:hpe:proliant_sl4540_gen8_1_node_server:-:::::::*
	cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:::::::*
	cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl220a_gen8_v2_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:::::::*
	cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:::::::*
	cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:::::::*

No data.

References

Link	Providers
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us

History

No history.

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2022-05-09T20:17:34

Updated: 2024-08-03T03:51:45.936Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23704

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-05-09T21:15:08.047

Modified: 2024-11-21T06:49:08.550

Link: CVE-2022-23704

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "HPE Integrated Lights-Out 4 (iLO 4)", "vendor": "n/a", "versions": [{"status": "affected", "version": "Prior to iLO 4 version 2.80"}]}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."}], "problemTypes": [{"descriptions": [{"description": "remote denial of service (DoS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-05-09T20:17:34", "orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-alert@hpe.com", "ID": "CVE-2022-23704", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HPE Integrated Lights-Out 4 (iLO 4)", "version": {"version_data": [{"version_value": "Prior to iLO 4 version 2.80"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "remote denial of service (DoS)"}]}]}, "references": {"reference_data": [{"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us", "refsource": "MISC", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:51:45.936Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us"}]}]}, "cveMetadata": {"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "assignerShortName": "hpe", "cveId": "CVE-2022-23704", "datePublished": "2022-05-09T20:17:34", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-03T03:51:45.936Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB97149F-4E5A-4E25-9FEC-5E1610E714A1", "versionEndExcluding": "2.80", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "C20D38E9-B2EA-4ECC-B9EC-D29BB249AC77", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl420c_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E3C760C-2DAF-45CE-972B-B86D963B16BC", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen8_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "B110E689-1823-42D6-91E6-81115A2CB048", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D230E7A-D852-4040-83CF-164AA3233F00", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl465c_gen8_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C786E99-CDC8-4265-A05B-931602A4E10B", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen8_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "91276F1E-6475-479D-857C-689E210116B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2E685C0-E20A-4E95-A76F-8D18AF92C0F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6B65F98-15A8-48FA-A836-97430AF183EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "346996C3-E131-4BE0-9261-E32D0567F795", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1AD90B1-F95C-4A74-AAD5-684C0E0DCBC0", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3E4F18F-55E2-4829-A1EF-881D06CC5481", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "31223B01-2107-479B-AC77-1C31BBE2F96C", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl320e_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "51593FEE-B2A5-4642-8A3B-F0A7D85475AA", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl320e_gen8_v2_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED8AE8A0-82CF-47E9-99F7-FFF1EF632C90", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "34A65EC0-14C7-4838-913D-8EF11144A85B", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFFBB73F-EAF7-47A2-BD06-FC31172E05B6", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "47779C63-CDE4-4BE6-96BA-CBD118E027ED", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "52F6D2D0-482F-4B2F-AF78-82BC56704E8E", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7D81703-DB67-4650-959B-8787ED450AE3", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "6AE425FF-B87E-40D6-A85F-7740418B3A9F", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl385p_gen8:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD391773-8FB9-429A-84B3-7DC084AFFD8B", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CED1122-4927-4665-8D6B-A6C986ED6252", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2068295-B73A-4C01-8351-C2D8B957845B", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "407DB236-65BF-4B41-9C75-4D5BC246A905", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3EB6796-FE83-42EB-84FF-F405289EE0B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4F7E5C6-201B-4268-9CA7-13BBA1E74DF0", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CF640F8-B432-40DA-93C8-77D8351CB390", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ec200a_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A450C2D-76BE-4192-A913-0B46EC7EA51D", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_microserver_gen8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0EDDEC65-E89C-47CA-9716-F4EB936ADE9A", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD3268D0-1F66-47BA-972C-21E809DC2F2E", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "2703B986-0709-4D89-8CAF-7C3FB63D7D3F", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9E7C549-3A1B-40DE-A1FC-0BC62040E4C8", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "7791C8B1-D949-4AEE-8BC5-40FECA8FBC7A", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml310e_gen8_v2_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBA3BC52-96CB-4F52-87BC-3E6DF13BD654", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BB05A81-BDF5-4D6C-B9E3-1894703F1CC3", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml350e_gen8_v2_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F3F92AE-CE88-4C38-AC00-6B56198D57F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FB075F0-2825-43F5-BA0A-8348A082580C", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl210t_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "74F537C3-16DE-4F0C-9C38-6EE9504F841F", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6795F47-30A0-4433-96FD-808AAF536F45", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "533312DC-3EB0-4F15-B7A6-BFCE5CFABC6C", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl270s_gen8_se_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "5067AA37-ED79-403B-953E-8EC4807A7067", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "361590CD-06A8-4BDF-9C24-053F31468A53", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_sl4540_gen8_1_node_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8687283-2061-4D3C-99E5-CB920347413A", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFD07DCA-B8AF-409F-A902-AE66CB450152", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*", "matchCriteriaId": "66E10A5D-7C64-460A-9DBE-E5BCBBFDE6C9", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "58AE85AC-1062-42E2-8142-9BC754D51035", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "49BA2C97-7AAB-4A55-B487-522715BDC80C", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl220a_gen8_v2_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "056D1649-1670-465D-9E48-292B3F451521", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA80708D-3219-4D54-B167-105DDEC5B85D", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E62FEEB-A62D-42F4-A713-4CEAFF9B158E", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CEE8B85-1F21-418F-B2D3-90151F6423BF", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C838C36-FFF2-4C90-8BF1-21984D6C9C88", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBB97C-4A68-4276-BFF2-93D58F6F1CA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "425FCBD4-A94B-4AE5-B002-258CE1FE97FB", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "29BE9486-493D-495E-8CFA-1E79FE57457C", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "789F7158-51DE-4344-BD8A-1249BFE0158B", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "0163D6F2-5E24-4741-BEF3-7B671A10CA08", "vulnerable": false}, {"criteria": "cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "9CBAD3B0-D47D-4E05-96D1-28A989E118CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later."}, {"lang": "es", "value": "Se ha identificado una posible vulnerabilidad de seguridad en Integrated Lights-Out 4 (iLO 4). La vulnerabilidad podr\u00eda permitir una Denegaci\u00f3n de Servicio remota. La vulnerabilidad ha sido resuelta en Integrated Lights-Out 4 (iLO 4) versiones 2.80 y posteriores"}], "id": "CVE-2022-23704", "lastModified": "2024-11-21T06:49:08.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-09T21:15:08.047", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object