) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:hp:proliant_dl380_gen10:-:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-7207 |
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board. Published: November 05, 2020; 4:15:13 PM -0500 |
V3.1: 6.8 MEDIUM V2.0: 7.2 HIGH |
| CVE-2019-11983 |
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. Published: June 05, 2019; 1:29:00 PM -0400 |
V3.0: 7.0 HIGH V2.0: 8.3 HIGH |
| CVE-2019-11982 |
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. Published: June 05, 2019; 1:29:00 PM -0400 |
V3.0: 8.3 HIGH V2.0: 7.6 HIGH |
| CVE-2018-7117 |
A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version v1.40. Published: April 09, 2019; 3:29:01 PM -0400 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |