CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-2387

Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel hardware does not require a password for remote access to IPMI, which allows remote attackers to gain administrative access via unspecified requests with ipmitool.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.8%

CVSS Severity

CVSS v2 Score 10.0

References

http://docs.info.apple.com/article.html?artnum=305571
http://lists.apple.com/archives/security-announce/2007/May/msg00006.html
http://osvdb.org/36128
http://secunia.com/advisories/25499
http://www.apple.com/support/downloads/xservelightsoutmanagementfirmwareupdate10.html
http://www.securityfocus.com/bid/24257
http://www.securitytracker.com/id?1018181
http://www.vupen.com/english/advisories/2007/2014
https://exchange.xforce.ibmcloud.com/vulnerabilities/34651
http://docs.info.apple.com/article.html?artnum=305571
http://lists.apple.com/archives/security-announce/2007/May/msg00006.html
http://osvdb.org/36128
http://secunia.com/advisories/25499
http://www.apple.com/support/downloads/xservelightsoutmanagementfirmwareupdate10.html
http://www.securityfocus.com/bid/24257
http://www.securitytracker.com/id?1018181
http://www.vupen.com/english/advisories/2007/2014
https://exchange.xforce.ibmcloud.com/vulnerabilities/34651

Products affected by CVE-2007-2387

Apple » Xserve Lights-Out Management » Version: firmware_0

cpe:2.3:a:apple:xserve_lights-out_management:firmware_0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2387

Products

Pricing

Contact Us