CVE-2018-7093

EPSS 3.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 3.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 Aug 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service.

Affected products

Hewlett Packard Enterprise · iLO 5 for HPE Gen10 Servers, iLO 4, iLO 3, Moonshot Chassis Management Firmware, Moonshot Component Packs for HPE ProLiant m510 and m710x server cartridges

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us http://www.securitytracker.com/id/1041435