CVE-2022-23701
N/A
N/A
Summary
A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 (iLO 4) firmware version(s): Prior to 2.60. This vulnerability could be remotely exploited to allow an attacker to supply invalid input to the iLO 4 webserver, causing it to respond with a redirect to an attacker-controlled domain. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 4 (iLO 4).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | HPE Integrated Lights-Out 4 (iLO 4) | Prior to 2.60 | affected |
Weaknesses
- remote host header injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.