Release Date: 2018-10-22

Last Updated: 2018-09-13


Potential Security Impact: Local: Disclosure of Sensitive Information; Remote: Arbitrary Code Execution

Source: Hewlett Packard Enterprise, HPE Product Security Response Team

VULNERABILITY SUMMARY

A security vulnerability in HPE Integrated Lights-Out (iLO) 3, 4, and 5 could be remotely exploited by an administrator to execute arbitrary code and allow Local Disclosure of Sensitive Information.

References: CVE-2018-7105 – Remote execution of arbitrary code, Local Disclosure of Sensitive Information

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35
  • HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61
  • HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90

BACKGROUND

CVSS Version 3.0 and Version 2.0 Base Metrics

| Reference | V3 Vector | V3 Base Score | V2 Vector | V2 Base Score |
|---|---|---|---|---|
| CVE-2018-7105 | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 7.2 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | 9.0 |

Information on CVSS is documented in HPE Customer Notice: HPSN-2008-002

Hewlett Packard Enterprise would like to thank Le bureau Audit en Sécurité de l’ANSSI for reporting this vulnerability to [email protected]

RESOLUTION

HPE has provided the following software updates and mitigation information to resolve the vulnerability in HPE Integrated Lights-Out 3, 4, and 5.

  • iLO 5 v1.35
  • iLO 4 v2.61
  • iLO 3 v1.90

Customers can also mitigate this vulnerability by taking one or more of the following actions:

  • Disabling SSH entirely.
  • Disabling serial port access entirely.
  • Requiring serial port authentication.
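
To triage a fleet against the fixed versions listed above, the following added example (not part of the HPE bulletin) classifies each controller in an inventory export. The CSV layout, host names and function names are assumptions, and versions are assumed to be written as major.minor with a two-digit minor, as in the bulletin's own list.

```python
import csv
import io

# First fixed firmware per iLO generation, taken from the bulletin.
FIXED = {3: (1, 90), 4: (2, 61), 5: (1, 35)}

# Constructed inventory (hypothetical hosts): host, iLO generation, firmware.
SAMPLE_INVENTORY = """\
host,ilo_generation,firmware
bmc-app01,5,1.30
bmc-app02,5,1.35
bmc-db01,4,2.55
bmc-db02,4,v2.70
bmc-old01,3,1.89
bmc-old02,3,1.90
bmc-lab01,2,2.33
bmc-lab02,4,unknown
"""


def parse_version(text):
    """Parse 'major.minor' (optional leading 'v') into a tuple of ints."""
    major, minor = text.strip().lstrip("vV").split(".")
    return int(major), int(minor)


def classify(generation, firmware):
    """Return 'vulnerable', 'fixed' or 'review' for one controller."""
    try:
        gen = int(generation)
        version = parse_version(firmware)
    except ValueError:
        return "review"  # unparseable data must never count as patched
    if gen not in FIXED:
        return "review"  # generation is not listed in this bulletin
    return "vulnerable" if version < FIXED[gen] else "fixed"


def triage(inventory_csv):
    """Map each host in the CSV text to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["ilo_generation"], r["firmware"]) for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Hosts reported as "review" have either an unreadable firmware string or a generation the bulletin does not list, so they need a manual check instead of being treated as patched.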

HISTORY

  • Version:1 (rev.1) – 13 September 2018 Initial release
  • Version:2 (rev.2) – 22 October 2018 Revised CVSS Metrics and Scores, removed unnecessary CVE – CVE-2018-7106

Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer’s patch management policy.
