Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Integrated Lights Out Manager Firmware
Total 21 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-2568 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH 7.3 HIGH
Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
CVE-2018-2566 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 4.0 MEDIUM 7.7 HIGH
Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Difficult to exploit vulnerability allows low privileged attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Integrated Lights Out Manager (ILOM), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized access to critical data or complete access to all Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 7.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N).
CVE-2017-10265 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH 7.3 HIGH
Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
CVE-2017-10260 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVE-2017-10194 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 4.0 MEDIUM 2.7 LOW
Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
CVE-2016-5457 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.
CVE-2016-5453 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to IPMI.
CVE-2016-5449 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.
CVE-2016-5448 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP.
CVE-2016-5447 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 6.5 MEDIUM 7.6 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-5446 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH 7.3 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.
CVE-2016-5445 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH 8.3 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-3585 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 5.8 MEDIUM 7.4 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex.
CVE-2016-3481 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 4.0 MEDIUM 7.7 HIGH
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect availability via vectors related to Web.
CVE-2016-3451 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 4.3 MEDIUM 4.7 MEDIUM
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web.
CVE-2015-3195 9 Apple, Canonical, Debian and 6 more 25 Mac Os X, Ubuntu Linux, Debian Linux and 22 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
CVE-2015-2808 9 Canonical, Debian, Fujitsu and 6 more 99 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 96 more 2024-11-21 5.0 MEDIUM N/A
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
CVE-2015-0424 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM prior to 3.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to IPMI.
CVE-2014-6584 1 Oracle 1 Integrated Lights Out Manager Firmware 2024-11-21 4.0 MEDIUM N/A
Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM before 3.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Backup Restore.
CVE-2013-2566 4 Canonical, Fujitsu, Mozilla and 1 more 24 Ubuntu Linux, M10-1, M10-1 Firmware and 21 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.