{"id":271672,"date":"2022-08-18T07:49:52","date_gmt":"2022-08-18T05:49:52","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=271672"},"modified":"2022-08-18T07:54:38","modified_gmt":"2022-08-18T05:54:38","slug":"sicherheitsupdate-fr-hpe-integrated-lights-out-ilo","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2022\/08\/18\/sicherheitsupdate-fr-hpe-integrated-lights-out-ilo\/","title":{"rendered":"Sicherheitsupdate f&uuml;r HPE Integrated Lights-Out (iLO)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2022\/08\/18\/sicherheitsupdate-fr-hpe-integrated-lights-out-ilo\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Hinweis f\u00fcr Administratoren von HPE-Proliant-Servern, die HPEs Integrated Lights-out Versionen einsetzen. HPE hat bereits Ende Juli 2022 ein Security Bulleting f\u00fcr HPE Integrated Lights-Out 5 (iLO 5) ver\u00f6ffentlicht, in dem auf mehrere kritische Schwachstellen hingewiesen wurde. Es steht ein Update f\u00fcr iLO 5.0 bereit, welches zeitnah installiert werden sollte (aber vermutlich ist die Information l\u00e4ngst bei euch angekommen).<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg05.met.vgwort.de\/na\/4858730b02a246b9b8d9484ada41c49e\" alt=\"\" width=\"1\" height=\"1\" \/>Auf HPE-Proliant-Servern wird <a href=\"https:\/\/en.wikipedia.org\/wiki\/HP_Integrated_Lights-Out\" target=\"_blank\" rel=\"noopener\">Integrated Lights-out<\/a> als Software eingesetzt. Integrated Lights-Out (iLO) ist ein Low-Level-Serververwaltungssystem, das f\u00fcr die Out-of-Band-Konfiguration gedacht ist und von Hewlett-Packard Enterprise in einige ihrer Server integriert wird. Die Anbindung an ein Netzwerk erfolgt per einen Ethernet-Port, der auf den meisten ProLiant-Servern und Mikroservern der 300er-Serie und dar\u00fcber vorhanden ist. Die Software f\u00e4llt aber immer wieder durch gravierende Schwachstellen auf und der Patchstand ist auch nicht immer optimal (siehe <a href=\"https:\/\/borncity.com\/blog\/2022\/01\/29\/ber-20-000-hpe-proliant-server-mit-veraltetem-ilo-per-internet-erreichbar\/\">\u00dcber 20.000 HPE Proliant-Server mit veraltetem iLO per Internet erreichbar<\/a>).<\/p>\n<p>Im Security Bulletin <a href=\"https:\/\/support.hpe.com\/hpesc\/public\/docDisplay?docLocale=en_US&amp;docId=emr_na-hpesbhf04333en_us\" target=\"_blank\" rel=\"noopener\">HPESBHF04333 rev.1 &#8211; HPE Integrated Lights-Out 5 (iLO 5), Multiple Vulnerabilities<\/a> vom 28.7.2022 (Revision am 29.7.) weist HPE auf gravierende Schwachstellen (<b><\/b>Local: Arbitrary Code Execution, Denial of Service (DoS), Disclosure of Sensitive Information, Unauthorized Data Modification) in Lights-Out 5.0 (iLO) hin. Dort hei\u00dft es:<\/p>\n<blockquote><p>In der Firmware von HPE Integrated Lights-Out 5 (iLO 5) wurden mehrere lokale und angrenzende Sicherheitsschwachstellen festgestellt. Die Ausnutzung dieser Schwachstellen kann m\u00f6glicherweise zur Ausf\u00fchrung von beliebigem Code, zur Verweigerung von Diensten (DoS), zur Offenlegung vertraulicher Informationen und zur unbefugten \u00c4nderung von Daten f\u00fchren, was einen Verlust der Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zur Folge haben kann.<\/p><\/blockquote>\n<p>Hier die Liste der Schwachstellen:<\/p>\n<ul>\n<li>CVE-2022-28626 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28627 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28628 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28629 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28630 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28631 &#8211; Adjacent Arbitrary Code Execution; Denial of Service (DoS)<\/li>\n<li>CVE-2022-28632 &#8211; Adjacent Arbitrary Code Execution; Denial of Service (DoS)<\/li>\n<li>CVE-2022-28633 &#8211; Local Disclosure of Sensitive Information; Local Unauthorized Data Modification<\/li>\n<li>CVE-2022-28634 &#8211; Local Arbitrary Code Execution<\/li>\n<li>CVE-2022-28635 &#8211; Local Arbitrary Code Execution; Denial of Service (DoS)<\/li>\n<li>CVE-2022-28636 &#8211; Local Arbitrary Code Execution; Denial of Service (DoS)<\/li>\n<\/ul>\n<p>Betroffen sind folgende iLO-Versionen:<\/p>\n<ul>\n<li>HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo 2000 Gen10 Plus System &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo 4200 Gen10 Plus System &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo 4200 Gen10 Server &#8211; Prior to 2.71 &#8211; HPE ProLiant XL420 Gen10 Server<\/li>\n<li>HPE Apollo 4510 Gen10 System &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo 6500 Gen10 Plus System &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo 6500 Gen10 System &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo n2600 Gen10 Plus &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo n2800 Gen10 Plus &#8211; Prior to 2.71<\/li>\n<li>HPE Apollo r2000 Chassis &#8211; Prior to 2.71 &#8211; HPE Apollo r2800 Gen10 , r2600 Gen10, r2800 Gen10<\/li>\n<li>HPE Edgeline e920 Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE Edgeline e920d Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE Edgeline e920t Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL20 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant BL460c Gen10 Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL20 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL110 Gen10 Plus Telco server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL120 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL160 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL180 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL325 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL325 Gen10 Plus v2 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL325 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL345 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL360 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL360 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL365 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL380 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL380 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL385 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL385 Gen10 Plus v2 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL385 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL560 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DL580 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX170r Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX190r Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX220n Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX325 Gen10 Plus v2 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX360 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX360 Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX380 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX380 Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX385 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX385 Gen10 Plus v2 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX4200 Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant DX560 Gen10 server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant e910 Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant e910t Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant m750 Server Blade &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant MicroServer Gen10 Plus &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant ML30 Gen10 Plus server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant ML30 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant ML110 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant ML350 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL170r Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL190r Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL220n Gen10 Plus Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL225n Gen10 Plus 1U Node &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL230k Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL270d Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL290n Gen10 Plus Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL450 Gen10 Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL645d Gen10 Plus Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL675d Gen10 Plus Server &#8211; Prior to 2.71<\/li>\n<li>HPE ProLiant XL925g Gen10 Plus 1U 4-node Configure-to-order Server &#8211; Prior to 2.71<\/li>\n<li>HPE Storage File Controller &#8211; Prior to 2.71<\/li>\n<li>HPE Storage Performance File Controller &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1460 Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1560 Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1660 Expanded Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1660 Performance Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1660 Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1860 Performance Storage &#8211; Prior to 2.71<\/li>\n<li>HPE StoreEasy 1860 Storage &#8211; Prior to 2.71<\/li>\n<\/ul>\n<p>Mit HPE Integrated Lights-Out 5 (iLO 5) version 2.71 der h\u00f6her sollen die Schwachstellen behoben sein &#8211; die Updates gibt es im <a href=\"https:\/\/support.hpe.com\/hpesc\/public\/home\" target=\"_blank\" rel=\"noopener\">Hewlett Packard Enterprise Support Center<\/a>. (<a href=\"https:\/\/www.heise.de\/news\/Fernwartung-Kritische-Sicherheitsluecken-in-HPE-Integrated-Lights-Out-iLO-7219923.html\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n<p><strong>\u00c4hnliche Artikel:<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2017\/08\/25\/sicherheitslcke-in-hpe-integrated-lights-out-4-ilo-4\/\">Sicherheitsl\u00fccke in HPE Integrated Lights-out 4 (iLO 4)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2018\/03\/13\/sicherheitslcke-in-hpe-integrated-lights-out-3-ilo-3\/\">Sicherheitsl\u00fccke in HPE Integrated Lights-Out 3 (iLO 3)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2018\/02\/26\/sicherheitslcke-in-hpe-integrated-lights-out-2-3-4\/\">Sicherheitsl\u00fccke in HPE Integrated Lights-out 2, 3, 4<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2018\/07\/06\/hpe-ilo4-server-authentifizierung-durch-29-as-aushebelbar\/\">HPE iLO4 Server: Authentifizierung durch 29 'A's aushebelbar<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2018\/04\/26\/achtung-ransomware-zielt-auf-hpe-ilo-4\/\">Achtung: Ransomware zielt auf HPE iLO 4!<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/blog\/2022\/01\/29\/ber-20-000-hpe-proliant-server-mit-veraltetem-ilo-per-internet-erreichbar\/\">\u00dcber 20.000 HPE Proliant-Server mit veraltetem iLO per Internet erreichbar<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Hinweis f\u00fcr Administratoren von HPE-Proliant-Servern, die HPEs Integrated Lights-out Versionen einsetzen. HPE hat bereits Ende Juli 2022 ein Security Bulleting f\u00fcr HPE Integrated Lights-Out 5 (iLO 5) ver\u00f6ffentlicht, in dem auf mehrere kritische Schwachstellen hingewiesen wurde. Es steht ein Update &hellip; <a href=\"https:\/\/borncity.com\/blog\/2022\/08\/18\/sicherheitsupdate-fr-hpe-integrated-lights-out-ilo\/\">Weiterlesen <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,185],"tags":[4328,4315],"class_list":["post-271672","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-update","tag-sicherheit","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/271672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=271672"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/271672\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=271672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=271672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=271672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}