Vulnerability in HPE Integrated Lights-Out 3 (iLO 3)

[German]Does anyone of you use the Integrated Lights-out for HP client servers management software? Integrated Lights-out3 (iLO 3) has a security vulnerability allowing DDoS attacks.


The Integrated Lights-out3 (iLO 3) management software for HP client servers has a vulnerability that can be exploited for Denial of Service (DoS) attacks. HPE already released this Security Bulletin in mid-February 2017 – I came across at the end of February 2018.

The vulnerability CVE-2017-8987 – Unauthenticated Remote Denial of Service – exists in HPE Integrated Lights-Out 3 (iLO 3)1.88P. HP recommends upgrading to HPE Integrated Lights-Out 3 (iLO 3)1.89. The upgrade is available in the HPE Support Center. Details can be found in the Security Bulletin.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *