What is the severity of CVE-2013-4784?

CVE-2013-4784 is considered a high-severity vulnerability due to its ability to allow remote attackers to bypass authentication.

How do I fix CVE-2013-4784?

To fix CVE-2013-4784, update the HP Integrated Lights-Out firmware to the latest version provided by HP.

What does CVE-2013-4784 exploit?

CVE-2013-4784 exploits the use of cipher suite 0 in the HP Integrated Lights-Out BMC, allowing unauthorized access.

Who is affected by CVE-2013-4784?

CVE-2013-4784 affects users of HP Integrated Lights-Out BMC implementations that are using vulnerable cipher configurations.

Can CVE-2013-4784 be mitigated?

Yes, CVE-2013-4784 can be mitigated by disabling the use of cipher suite 0 and enforcing stronger authentication protocols.

Vulnerability/
CVE-2013-4784

critical

CWE

287

8/7/2013

6/8/2024

CVE-2013-4784

First published: Mon Jul 08 2013(Updated: )

The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
HP Integrated Lights-Out

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4784?
CVE-2013-4784 is considered a high-severity vulnerability due to its ability to allow remote attackers to bypass authentication.
How do I fix CVE-2013-4784?
To fix CVE-2013-4784, update the HP Integrated Lights-Out firmware to the latest version provided by HP.
What does CVE-2013-4784 exploit?
CVE-2013-4784 exploits the use of cipher suite 0 in the HP Integrated Lights-Out BMC, allowing unauthorized access.
Who is affected by CVE-2013-4784?
CVE-2013-4784 affects users of HP Integrated Lights-Out BMC implementations that are using vulnerable cipher configurations.
Can CVE-2013-4784 be mitigated?
Yes, CVE-2013-4784 can be mitigated by disabling the use of cipher suite 0 and enforcing stronger authentication protocols.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/weakness
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hp integrated lights-out

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.