Oracle Integrated Lights Out Manager (ILOM) 3.2

CPE Details

Oracle Integrated Lights Out Manager (ILOM) 3.2
oracle
integrated_lights_out_manager_firmware
3.2
2020-08-26
10h04 +00:00
2020-08-26
10h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

integrated_lights_out_manager_firmware

Version

3.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-10194 2017-10-19
15h00 +00:00		 Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
2.7
Low
CVE-2017-10260 2017-10-19
15h00 +00:00		 Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
7.5
High
CVE-2017-10265 2017-10-19
15h00 +00:00		 Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
7.3
High
CVE-2016-3451 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web.
4.7
Medium
CVE-2016-3481 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect availability via vectors related to Web.
7.7
High
CVE-2016-3585 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex.
7.4
High
CVE-2016-5445 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
8.3
High
CVE-2016-5446 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.
7.3
High
CVE-2016-5447 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
7.6
High
CVE-2016-5448 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP.
6.5
Medium
CVE-2016-5449 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.
7.5
High
CVE-2016-5453 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to IPMI.
9.8
Critical
CVE-2016-5457 2016-07-21
08h00 +00:00		 Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.
8.8
High
CVE-2015-3195 2015-12-05
23h00 +00:00		 The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
5.3
Medium
CVE-2015-2808 2015-03-31
22h00 +00:00		 The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
5
CVE-2015-0424 2015-01-21
18h00 +00:00		 Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM prior to 3.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to IPMI.
7.5
CVE-2014-6584 2015-01-21
14h00 +00:00		 Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM before 3.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Backup Restore.
4
CVE-2013-2566 2013-03-14
21h00 +00:00		 The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
5.9
Medium