CVE-2023-50272

Summary

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication bypass.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)HPE Integrated Lights-out 5 (iLO 5), HPE Integrated Lights-out 6 (iLO 6),iLO 5 - v2.63 through versions prior to v3.00affected
Hewlett Packard Enterprise (HPE)HPE Integrated Lights-out 5 (iLO 5), HPE Integrated Lights-out 6 (iLO 6),iLO 6 - v1.05 through versions prior to v1.55affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References