Vulnerabilities

CVE-2016-4379

by Fred · 08/09/2016

The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack.

Date published : 2016-09-08

http://www.securityfocus.com/bid/92696

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05249760

Similar

Tags: Cybersecurity Alert