#Ilo 2 firmware 2.25 update#
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. Login using web browser and confirm that ILO2 is now running firmware 2.25 Next we need to use old 'Smart Update Firmware DVD Proliant Support Pack v10.10' from 2012 because newer SPP is not compatible with older firmwares. Is a keyboard person and web interface integrates server blades. The iLO 2 Virtual Media Java applet does not work well over a low-speed WAN.
#Ilo 2 firmware 2.25 software#
Published: Decem10:29:00 AM -0500Ī remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. ILO server management software that enables you to configure, monitor, and update your HPE servers seamlessly, from anywhere in the world. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action. I am upgrading them to the latest versions (iLO 2 devices to firmware version 2.25 and the iLO 3. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. The firmware versions are different but they are all behind.
At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. > <- Use CPQLOCFG.EXE ver 2.25 or greater with this script -> <- This script was written for iLO 2 firmware version 1.00.The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities.
This issue was resolved in previously provided firmware updates as follows. The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information.