Goby/json/HP-iLO4-Login-Authenticatio...


{
"Name": "HP iLO4 Login Authentication Bypass (CVE-2017-12542)",
"Description": "HPE Integrated Lights-Out 4 (iLO 4) is an embedded server management tool used for out-of-band management. A vulnerability has been discovered in iLO 4 servers that could allow remote code execution.",
"Product": "HP_iLO4",
"Homepage": "https://support.hpe.com/",
"DisclosureDate": "2021-06-11",
"Author": "Coco413",
"GobyQuery": "header=\"HP-iLO-Server\"",
"Level": "3",
"Impact": "<p>Successful exploitation of this vulnerability could result in remote code execution or authentication bypass. The consequences could include the extraction of plaintext passwords, addition of an administrator account, execution of malicious code, or replacement of iLO firmware.<br></p>",
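"Recommendation": "<p>Before applying the vendor patch for CVE-2017-12542, verify that no unauthorized modifications have occurred on the system. Because the impact includes added administrator accounts and replaced iLO firmware, review the iLO user accounts and the installed firmware as part of that check, and keep the iLO management interface reachable only from a trusted management network.</p>",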
"References": [
"https://www.freebuf.com/vuls/167124.html"
],
"HasExp": true,
"ExpParams": null,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND"
],
"ExploitSteps": null,
"Tags": [
"Login loginauthentication bypass"
],
"CVEIDs": [
"CVE-2017-12542"
],
"CVSSScore": "9.8",
"AttackSurfaces": {
"Application": [
"HP_iLO4"
],
"Support": null,
"Service": null,
"System": null,
"Hardware": null
},
"Disable": false
}