Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-30911

HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 6.8, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 77 products from hpe, from hpe, from hpe and 74 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2023, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2023-10-18T18:15:09.033

Last Modified

2024-11-21T08:01:03.383

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hpe	integrated_lights-out_5_firmware	< 2.98	Yes
Hardware	hpe	apollo_2000_system	-	No
Hardware	hpe	apollo_4200_gen10_plus_system	-	No
Hardware	hpe	apollo_4200_gen10_server	-	No
Hardware	hpe	apollo_4510_gen10_system	-	No
Hardware	hpe	apollo_6500_gen10_plus_system	-	No
Hardware	hpe	apollo_6500_gen10_system	-	No
Hardware	hpe	apollo_n2600_gen10_plus	-	No
Hardware	hpe	apollo_n2800_gen10_plus	-	No
Hardware	hpe	apollo_r2200_gen10	-	No
Hardware	hpe	apollo_r2600_gen10	-	No
Hardware	hpe	apollo_r2800_gen10	-	No
Hardware	hpe	edgeline_e920_server_blade	-	No
Hardware	hpe	edgeline_e920d_server_blade	-	No
Hardware	hpe	edgeline_e920t_server_blade	-	No
Hardware	hpe	proliant_bl460c_gen10_server_blade	-	No
Hardware	hpe	proliant_dl110_gen10_plus_telco_server	-	No
Hardware	hpe	proliant_dl160_gen10_server	-	No
Hardware	hpe	proliant_dl180_gen10_server	-	No
Hardware	hpe	proliant_dl20_gen10_plus_server	-	No
Hardware	hpe	proliant_dl20_gen10_server	-	No
Hardware	hpe	proliant_dl325_gen10_plus_server	-	No
Hardware	hpe	proliant_dl325_gen10_plus_v2_server	-	No
Hardware	hpe	proliant_dl345_gen10_plus_server	-	No
Hardware	hpe	proliant_dl360_gen10_plus_server	-	No
Hardware	hpe	proliant_dl360_gen10_server	-	No
Hardware	hpe	proliant_dl365_gen10_plus_server	-	No
Hardware	hpe	proliant_dl380_gen10_plus_server	-	No
Hardware	hpe	proliant_dl380_gen10_server	-	No
Hardware	hpe	proliant_dl385_gen10_plus_server	-	No
Hardware	hpe	proliant_dl385_gen10_plus_v2_server	-	No
Hardware	hpe	proliant_dl385_gen10_server	-	No
Hardware	hpe	proliant_dl560_gen10_server	-	No
Hardware	hpe	proliant_dl580_gen10_server	-	No
Hardware	hpe	proliant_e910_server_blade	-	No
Hardware	hpe	proliant_e910t_server_blade	-	No
Hardware	hpe	proliant_m750_server_blade	-	No
Hardware	hpe	proliant_microserver_gen10_plus	-	No
Hardware	hpe	proliant_microserver_gen10_plus_v2	-	No
Hardware	hpe	proliant_ml110_gen10_server	-	No
Hardware	hpe	proliant_ml30_gen10_plus_server	-	No
Hardware	hpe	proliant_ml30_gen10_server	-	No
Hardware	hpe	proliant_ml350_gen10_server	-	No
Hardware	hpe	proliant_xl170r_gen10_server	-	No
Hardware	hpe	proliant_xl190r_gen10_server	-	No
Hardware	hpe	proliant_xl220n_gen10_plus_server	-	No
Hardware	hpe	proliant_xl225n_gen10_plus_1u_node	-	No
Hardware	hpe	proliant_xl230k_gen10_server	-	No
Hardware	hpe	proliant_xl270d_gen10_server	-	No
Hardware	hpe	proliant_xl290n_gen10_plus_server	-	No
Hardware	hpe	proliant_xl2x260w_gen10_server	-	No
Hardware	hpe	proliant_xl645d_gen10_plus_server	-	No
Hardware	hpe	proliant_xl675d_gen10_plus_server	-	No
Hardware	hpe	proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server	-	No
Hardware	hpe	synergy_480_gen10_compute_module	-	No
Hardware	hpe	synergy_480_gen10_plus_compute_module	-	No
Hardware	hpe	synergy_660_gen10_compute_module	-	No
Operating System	hpe	integrated_lights-out_6_firmware	< 1.53	Yes
Hardware	hpe	alletra_4110	-	No
Hardware	hpe	alletra_4120	-	No
Hardware	hpe	alletra_4140	-	No
Hardware	hpe	proliant_dl110_gen11	-	No
Hardware	hpe	proliant_dl20_gen11	-	No
Hardware	hpe	proliant_dl320_gen11_server	-	No
Hardware	hpe	proliant_dl325_gen11_server	-	No
Hardware	hpe	proliant_dl345_gen11_server	-	No
Hardware	hpe	proliant_dl360_gen11_server	-	No
Hardware	hpe	proliant_dl365_gen11_server	-	No
Hardware	hpe	proliant_dl380_gen11_server	-	No
Hardware	hpe	proliant_dl380a_gen11	-	No
Hardware	hpe	proliant_dl385_gen11_server	-	No
Hardware	hpe	proliant_dl560_gen11	-	No
Hardware	hpe	proliant_ml110_gen11	-	No
Hardware	hpe	proliant_ml30_gen11	-	No
Hardware	hpe	proliant_ml350_gen11_server	-	No
Hardware	hpe	proliant_rl300_gen11	-	No
Hardware	hpe	synergy_480_gen11_compute_module	-	No

References

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04544en_us Vendor Advisory ([email protected])
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04544en_us Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For hpe's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.