- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- HP ILO 4 QUALYS Vulnerability
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-20-2019 11:38 AM
05-20-2019 11:38 AM
HP ILO 4 QUALYS Vulnerability
Howdy has anyone found that qualys is detecting a vulnerability on the HP ILO 4 cards on Proliant DL380 GEN 9 servers that is due to having an outdated version of jquery running on the ILO?
The Qualys QID is 13477 and the vulnerability reported is that there is an outdated version of Jquery 1.x or 2.x found on the ILO cards.I am running the latest version of firmware which is 2.62.
HPE support hasn't been able to provide any information on this issue or even verify that jquery is used on the cards or if there is a way to disable jquery.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-21-2019 03:35 AM
05-21-2019 03:35 AM
Re: HP ILO 4 QUALYS Vulnerability
Hello Maver,
Please follow the below actions
1) update iLO FW to version 2.70 and check for reported issue
2) check the status again by re-scanning
3) if reported issue persists then please contact HPE support to log a case
Please dont forget to export CVE outcome to an excel file and share with hpe along AHS logs
Regards