Critical vulnerabilities CVE-2022-28631, CVE-2022-28632, CVE-2022-28627 and CVE-2022-28628 in HPE Integrated Lights-Out (iLO) closed.

16th August 2022

Hewlett Packard Enterprises (HPE) has closed important vulnerabilities in its remote management product Lights-Out 5 (iLO 5). Attackers were able to infiltrate and execute malicious code in iLO 5 due to security vulnerabilities, some of which were critical. HPE classifies four of the vulnerabilities as critical (CVE-2022-28631, CVE-2022-28632, CVE-2022-28627 and CVE-2022-28628). HPE has provided updated software packages (go to HPE Support Center) that address the vulnerabilities. These are sealed with firmware version HPE Integrated Lights-Out 5 (iLO 5) 2.71 or newer.

If you have further questions on this matter or if you require support, please contact our Customer Support.

Contact

Peter Schwark

RSS-Feed

Our RSS feed always keeps you up to date! This way, you’ll receive same-day notification when a new article has been posted to the IT Security Bulletin. Just enter the following link in your feed reader:

https://www.vivavis.com/en/category/it-security-en/feed/

You can find out how to integrate the RSS feed into Outlook here.

Call now
Call now +90 (0)212 801 0 333
Send E-mail
Send E-mail info@vivavis.com.tr
Locations & Contact
Locations & Contact View now