Page 1 of 1

Appliance update: iLO 2.70

Posted: Fri Jun 21, 2019 10:49 am
by mark
For Search Appliances based on HP hardware there is an update for the iLO firmware. Download it from https://ftp.thunderstone.com/pub/HP-iLO4/2.70/

Major Fixes:
CVE-2019-11982 - Cross-Site Scripting (XSS),
CVE-2019-11983 - Buffer overflow in CLI,
CVE-2018-7117 - Cross-Site Scripting (XSS)

Login to iLO, navigate to the Update Firmware page, and update the firmware from there using the ilo4_70.bin file.

If you're not sure if you have an affected appliance or don't know how to access iLO go to the appliance's
System / Information / System Information
page. Look on the "System" tab. If it shows "iLO Admin:" use that URL to access iLO. If it doesn't show then your appliance doesn't have iLO and no update is necessary. Updating iLO won't affect the appliance search or walk interfaces or activity.

Appliance update: iLO 2.70

Posted: Wed Jul 10, 2019 1:05 pm
by mark
Also, there's now an HTML5 remote console in iLO 2.70 so that Java is not required.