CVE-2019-11983: Buffer Overflow
First published: Wed Jun 05 2019(Updated: )
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HPE Integrated Lights-Out 5 firmware | <=1.39 | |
| HPE ProLiant BL460c Gen10 Server Blade | ||
| HP ProLiant DL120 Gen10 Server | ||
| HP ProLiant DL160 Gen10 Server | ||
| HP ProLiant DL180 Gen10 | ||
| HP ProLiant DL20 Gen10 Server | ||
| HPE ProLiant DL325 Gen10 Plus Server | ||
| HP ProLiant DL360 Gen10 | ||
| HPE ProLiant DL380 Gen10 Server | ||
| HPE ProLiant DL385 Gen10 Plus Server | ||
| HP ProLiant dl560 Gen10 | ||
| HP ProLiant dl580 Gen10 | ||
| HPE ProLiant Microserver Gen10 | ||
| HP ProLiant ML110 Gen10 Server | ||
| HP ProLiant ML350 Gen10 Server | ||
| HP ProLiant xl170r Gen10 | ||
| HP ProLiant XL190r Gen10 Server | ||
| HP ProLiant XL230k Gen10 Server | ||
| HPE ProLiant XL450 Gen10 Server | ||
| HP Integrated Lights-Out 4 mRCA firmware | <=2.61b | |
| HPE ProLiant BL460c Gen9 | ||
| HP ProLiant DL120 Gen9 Server | ||
| HP ProLiant DL180 Gen9 Server | ||
| HP ProLiant DL360 Gen9 Server | ||
| HPE ProLiant DL380 Gen9 Server | ||
| HP ProLiant DL580 Gen9 Server | ||
| HP ProLiant ML10 Gen9 Server | =2 | |
| HPE ProLiant ML110 Gen9 Server | ||
| HP ProLiant ML150 | ||
| HP ProLiant ML30 Gen9 Server | =2 | |
| HP ProLiant ML350 Gen9 Server | ||
| HP ProLiant WS460c Gen9 Workstation Firmware | ||
| HP ProLiant XL170r Gen9 Server | ||
| HPE ProLiant xl190r gen9 server | ||
| HPE ProLiant XL230a Gen9 Server | ||
| HPE ProLiant XL250a Gen9 Server | ||
| HPE ProLiant XL730f Gen9 | ||
| HP ProLiant XL740f Gen9 Server | ||
| HPE ProLiant XL750f Gen9 Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-11983?
CVE-2019-11983 is a remote buffer overflow vulnerability in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
Which HPE products are affected by CVE-2019-11983?
HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39 are affected by CVE-2019-11983.
What is the severity of CVE-2019-11983?
CVE-2019-11983 has a severity level of high.
How can I fix CVE-2019-11983?
To fix CVE-2019-11983, update HPE Integrated Lights-Out 4 (iLO 4) to v2.61b or later for Gen9 servers, and update Integrated Lights-Out 5 (iLO 5) to version v1.39 or later for Gen10 Servers.
Where can I find more information about CVE-2019-11983?
For more information about CVE-2019-11983, you can visit the HPE support page at [link](https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hp
- canonical/hpe integrated lights-out 5 firmware
- version/hpe integrated lights-out 5 firmware/1.39
- canonical/hpe proliant bl460c gen10 server blade
- canonical/hp proliant dl120 gen10 server
- canonical/hp proliant dl160 gen10 server
- canonical/hp proliant dl180 gen10
- canonical/hp proliant dl20 gen10 server
- canonical/hpe proliant dl325 gen10 plus server
- canonical/hp proliant dl360 gen10
- canonical/hpe proliant dl380 gen10 server
- canonical/hpe proliant dl385 gen10 plus server
- canonical/hp proliant dl560 gen10
- canonical/hp proliant dl580 gen10
- canonical/hpe proliant microserver gen10
- canonical/hp proliant ml110 gen10 server
- canonical/hp proliant ml350 gen10 server
- canonical/hp proliant xl170r gen10
- canonical/hp proliant xl190r gen10 server
- canonical/hp proliant xl230k gen10 server
- canonical/hpe proliant xl450 gen10 server
- canonical/hp integrated lights-out 4 mrca firmware
- version/hp integrated lights-out 4 mrca firmware/2.61b
- canonical/hpe proliant bl460c gen9
- canonical/hp proliant dl120 gen9 server
- canonical/hp proliant dl180 gen9 server
- canonical/hp proliant dl360 gen9 server
- canonical/hpe proliant dl380 gen9 server
- canonical/hp proliant dl580 gen9 server
- canonical/hp proliant ml10 gen9 server
- version/hp proliant ml10 gen9 server/2
- canonical/hpe proliant ml110 gen9 server
- canonical/hp proliant ml150
- canonical/hp proliant ml30 gen9 server
- version/hp proliant ml30 gen9 server/2
- canonical/hp proliant ml350 gen9 server
- canonical/hp proliant ws460c gen9 workstation firmware
- canonical/hp proliant xl170r gen9 server
- canonical/hpe proliant xl190r gen9 server
- canonical/hpe proliant xl230a gen9 server
- canonical/hpe proliant xl250a gen9 server
- canonical/hpe proliant xl730f gen9
- canonical/hp proliant xl740f gen9 server
- canonical/hpe proliant xl750f gen9 server