Bypassing Authentication and Executing Arbitrary IPMI Commands in HP Integrated Lights-Out (iLO) BMC Implementation
CVE-2013-4784 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
Learn more about our Web Application Penetration Testing UK.