CVE-2013-4784

CVE Database · CVE-2013-4784

CVE-2013-4784

· N/AModified

CVSS v3.1

N/A

EPSS

49.59%

Published

Jul 8, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Weaknesses (CWE)

CWE-287

Affected Products (1)

hp · integrated_lights-out_bmcvulnerable

References (14)

http://fish2.com/ipmi/cipherzero.html

http://osvdb.org/show/osvdb/93040

http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.wired.com/threatlevel/2013/07/ipmi/

https://exchange.xforce.ibmcloud.com/vulnerabilities/85569

https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html

http://fish2.com/ipmi/cipherzero.html

http://osvdb.org/show/osvdb/93040

http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

KEV Catalog EPSS Scores Vendors All CVEs