cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-20906,https://securityvulnerability.io/vulnerability/CVE-2024-20906,Remote Administration Vulnerability in Oracle Integrated Lights Out Manager,"A vulnerability exists in Oracle's Integrated Lights Out Manager (ILOM) that allows a high privileged attacker with network access to exploit the system through ICMP. While it resides within the ILOM, the impact can extend to additional products, posing significant risks. Successful exploitation requires human interaction from someone other than the attacker, leading to unauthorized access for data updates, inserts, or deletions. Additionally, attackers may gain unauthorized read access to critical ILOM data, highlighting the need for immediate security measures.",Oracle,SSM - (hot-tamale) ILOM: Integrated Lights Out Manager,4.8,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-01-16T21:41:12.976Z,0
CVE-2018-2566,https://securityvulnerability.io/vulnerability/CVE-2018-2566,,"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Difficult to exploit vulnerability allows low privileged attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Integrated Lights Out Manager (ILOM), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized access to critical data or complete access to all Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 7.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N).",Oracle,Ssm - (hot-tamale) Ilom: Integrated Lights Out Manager,7.7,HIGH,0.0010900000343099236,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2018-2568,https://securityvulnerability.io/vulnerability/CVE-2018-2568,,"Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",Oracle,Ssm - (hot-tamale) Ilom: Integrated Lights Out Manager,7.3,HIGH,0.001230000052601099,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2017-10194,https://securityvulnerability.io/vulnerability/CVE-2017-10194,,Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).,Oracle,Ssm - (hot-tamale) Ilom: Integrated Lights Out Manager,2.7,LOW,0.0004900000058114529,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2017-10260,https://securityvulnerability.io/vulnerability/CVE-2017-10260,,Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).,Oracle,Ssm - (hot-tamale) Ilom: Integrated Lights Out Manager,7.5,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2017-10265,https://securityvulnerability.io/vulnerability/CVE-2017-10265,,"Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",Oracle,Ssm - (hot-tamale) Ilom: Integrated Lights Out Manager,7.3,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2016-5448,https://securityvulnerability.io/vulnerability/CVE-2016-5448,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP.",Oracle,Integrated Lights Out Manager Firmware,6.5,MEDIUM,0.0029700000304728746,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5457,https://securityvulnerability.io/vulnerability/CVE-2016-5457,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.",Oracle,Integrated Lights Out Manager Firmware,8.8,HIGH,0.0027799999807029963,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-3481,https://securityvulnerability.io/vulnerability/CVE-2016-3481,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect availability via vectors related to Web.",Oracle,Integrated Lights Out Manager Firmware,7.7,HIGH,0.001180000021122396,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5445,https://securityvulnerability.io/vulnerability/CVE-2016-5445,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.",Oracle,Integrated Lights Out Manager Firmware,8.3,HIGH,0.0020200000144541264,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-3585,https://securityvulnerability.io/vulnerability/CVE-2016-3585,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex.",Oracle,Integrated Lights Out Manager Firmware,7.4,HIGH,0.0025100000202655792,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5446,https://securityvulnerability.io/vulnerability/CVE-2016-5446,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.",Oracle,Integrated Lights Out Manager Firmware,7.3,HIGH,0.0024399999529123306,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5447,https://securityvulnerability.io/vulnerability/CVE-2016-5447,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.",Oracle,Integrated Lights Out Manager Firmware,7.6,HIGH,0.0013299999991431832,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-3451,https://securityvulnerability.io/vulnerability/CVE-2016-3451,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity via vectors related to Web.",Oracle,Integrated Lights Out Manager Firmware,4.7,MEDIUM,0.0017000000225380063,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5453,https://securityvulnerability.io/vulnerability/CVE-2016-5453,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to IPMI.",Oracle,Integrated Lights Out Manager Firmware,9.8,CRITICAL,0.006949999835342169,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-5449,https://securityvulnerability.io/vulnerability/CVE-2016-5449,,"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.",Oracle,Integrated Lights Out Manager Firmware,7.5,HIGH,0.003809999907389283,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2015-2808,https://securityvulnerability.io/vulnerability/CVE-2015-2808,,"The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the ""Bar Mitzvah"" issue.",Oracle,"Http Server,Integrated Lights Out Manager Firmware,Communications Application Session Controller,Communications Policy Management",,,0.004379999823868275,false,false,false,false,,false,false,2015-04-01T00:00:00.000Z,0
CVE-2015-0424,https://securityvulnerability.io/vulnerability/CVE-2015-0424,,"Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM prior to 3.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to IPMI.",Oracle,Integrated Lights Out Manager Firmware,,,0.003860000055283308,false,false,false,false,,false,false,2015-01-21T19:00:00.000Z,0
CVE-2014-6584,https://securityvulnerability.io/vulnerability/CVE-2014-6584,,Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM before 3.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Backup Restore.,Oracle,Integrated Lights Out Manager Firmware,,,0.000859999970998615,false,false,false,false,,false,false,2015-01-21T15:00:00.000Z,0
CVE-2013-2566,https://securityvulnerability.io/vulnerability/CVE-2013-2566,,"The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.",Oracle,"Http Server,Integrated Lights Out Manager Firmware,Communications Application Session Controller",5.9,MEDIUM,0.007939999923110008,false,false,false,false,,false,false,2013-03-15T21:55:00.000Z,0
CVE-2008-4722,https://securityvulnerability.io/vulnerability/CVE-2008-4722,,"Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors.",Oracle,"Integrated Lights-out Manager,Blade 6000 Modular System With Chassis,Blade 6048 Modular System With Chassis,Blade 8000 Modular System,Blade 8000p Modular System,Blade T6320 Server Module,Blade X6220 With Server Module Software,Blade X6250 With Server Module Software,Blade X6450 With Server Module Software,Blade X8400,Blade X8420,Blade X8440,Blade X8450,Fire X2250 Server,Fire X4100 Server,Fire X4100m2 Server,Fire X4140 Server,Fire X4150 Server,Fire X4200 Server,Fire X4200m2 Server,Fire X4240 Server,Fire X4250 Server,Fire X4440 Server,Fire X4450 Server,Fire X4500 Server,Fire X4540 Server,Fire X4600 Server,Fire X4600m2 Server,Netra,Netra X4200m2 Server,Netra X4250 Server,Netra X4450,Sparc Enterprise Server T5120,Sparc Enterprise Server T5140,Sparc Enterprise Server T5220,Sparc Enterprise Server T5240,Sparc Enterprise Server T5440",,,0.0073899999260902405,false,false,false,false,,false,false,2008-10-23T21:00:00.000Z,0