ID CVE-2017-12542
Summary A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
References
Vulnerable Configurations
  • HP Integrated Lights-Out 3 (iLO 4) firmware 1.11
    cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.11
  • HP Integrated Lights-Out 3 (iLO 4) firmware 1.13
    cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.13
  • HP Integrated Lights-Out 3 (iLO 4) firmware 1.20
    cpe:2.3:o:hp:integrated_lights-out_4_firmware:1.20
  • HP Integrated Lights-Out 4 (iLO 4) Firmware 2.01
    cpe:2.3:o:hp:integrated_lights-out_4_firmware:2.01
  • HP Integrated Lights-Out 4 Firmware 2.03
    cpe:2.3:o:hp:integrated_lights-out_4_firmware:2.03
  • cpe:2.3:h:hp:integrated_lights-out_4
    cpe:2.3:h:hp:integrated_lights-out_4
CVSS
Base: 10.0
Impact:
Exploitability:
exploit-db via4
description HPE iLO 4 < 2.53 - Add New Administrator User. CVE-2017-12542. Remote exploit for Multiple platform
file exploits/multiple/remote/44005.py
id EDB-ID:44005
last seen 2018-02-09
modified 2018-02-05
platform multiple
port
published 2018-02-05
reporter Exploit-DB
source https://www.exploit-db.com/download/44005/
title HPE iLO 4 < 2.53 - Add New Administrator User
type remote
metasploit via4
description This module exploits an authentication bypass in HP iLO 4 1.00 to 2.50, triggered by a buffer overflow in the Connection HTTP header handling by the web server. Exploiting this vulnerability gives full access to the REST API, allowing arbitrary accounts creation.
id MSF:AUXILIARY/ADMIN/HP/HP_ILO_CREATE_ADMIN_ACCOUNT
last seen 2019-02-07
modified 2018-03-16
published 2018-02-09
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/hp/hp_ilo_create_admin_account.rb
title HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation
nessus via4
  • NASL family CGI abuses
    NASL id ILO_AUTH_BYPASS.NASL
    description According to its version number, the remote HP Integrated Lights-Out 4 (iLO 4) server is affected by multiple unspecified flaws that allow a remote attacker to bypass authentication and execute arbitrary code.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 102803
    published 2017-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102803
    title HP iLO 4 <= 2.52 RCE
  • NASL family CGI abuses
    NASL id ILO_HPESBHF_03769.NASL
    description A remote command execution vulnerability exists in Integrated Lights-Out 4 (iLO 4) due to a buffer overflow in the server's http connection handling code. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands.
    last seen 2019-02-12
    modified 2019-02-11
    plugin id 122095
    published 2019-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122095
    title iLO 4 < 2.53 Remote Code Execution Vulnerability
packetstorm via4
data source https://packetstormsecurity.com/files/download/146303/hpeilo4-adduser.txt
id PACKETSTORM:146303
last seen 2018-02-09
published 2018-02-08
reporter skelsec
source https://packetstormsecurity.com/files/146303/HPE-iLO4-Add-New-Administrator-User.html
title HPE iLO4 Add New Administrator User
refmap via4
bid 100467
confirm https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us
sectrack 1039222
Last major update 15-02-2018 - 17:29
Published 15-02-2018 - 17:29
Last modified 23-07-2018 - 09:05
Back to Top