BugZero | Hewlett Packard Enterprise BugID a00136386en_us - HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Onli...

OPERATIONAL DEFECT DATABASE

...

BugZero | Hewlett Packard Enterprise BugID a00136386en_us - HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Onli...

Hewlett Packard Enterprise - Defect ID: a00136386en_us

HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Online ROM Flash Component for Linux Fails to Update iLO Firmware when the Security State in iLO Is Set to High Security, FIPS or CNSA Mode

Hewlett Packard Enterprise - Defect ID: a00136386en_us

HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Online ROM Flash Component for Linux Fails to Update iLO Firmware when the Security State in iLO Is Set to High Security, FIPS or CNSA Mode

Last updated on December 6th, 2023

BugZero Risk Score
4.2 Medium

Overall: 4.2

Severity: 4.6

Community: 5.5

What is the BugZero Risk Score?

Hewlett Packard Enterprise Integration

Learn more about where this data comes from

Hewlett Packard Enterprise Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Low

Description

Summary

The HPE Integrated Lights-Out 6 iLO 6) and iLO 5 Online ROM Flash Component for Linux fails to update iLO firmware to v1.53 and v2.98 respectively when the security state in iLO is set to High Security, FIPS or CNSA mode.When iLO Online ROM Flash Component for Linux is run on systems where the security state of iLO 6 or iLO 5 is set to High Security, FIPS or CNSA mode, the component fails to update (upgrade or downgrade) iLO firmware. The issue is seen only on systems having Red Hat Enterprise Linux (RHEL) 9 or SUSE Linux Enterprise Server (SLES) 15 with iLO 6 and iLO 5 v1.53 and v2.98 or earlier.Additionally, this issue is seen if iLO security settings "Require Host Authentication" is enabled.

Scope

Any HPE system running iLO 5 or iLO 6 with RHEL 9 or SLES 15.

Resolution

As a workaround, update the iLO firmware using the iLO Web UI:Select "Update Firmware" from the "Firmware & OS Software - Installed Firmware" page in iLO.It is necessary to use the iLO 6 or iLO 5 FWPKG component to update firmware through iLO Web UI.Alternately:Use the iLOrest tool to perform an in-band firmware update from the Host OS using the iLO 6 and iLO 5 FWPKG component.Use the following command to update the iLO 6 or iLO 5 fwpkg on the server.ilorest -v flashfwpkg <fwpkg_file> -u <iLO_username> -p<iLO_password>This issue has been resolved in iLO 6 v1.54 and iLO 5 v2.99 and later.Use the Online ROM Flash Component for Linux with iLO 6 v1.54 and iLO 5 v2.99 and above to update the iLO firmware.iLO 5 v2.99:https://support.hpe.com/connect/s/softwaredetails?language=en_US&softwareId=MTX_63c9b8b5a94b488489beb796f3iLO 6 v1.54:https://support.hpe.com/connect/s/softwaredetails?language=en_US&softwareId=MTX_4a42034b5a8a4e2d8b16e8b4c0

Affected OS

Operating Systems Affected:Not Applicable

Change history

2023-12-06 Added: HPE Apollo 2000 Gen10 Plus System, HPE Apollo 4200 Gen10 Server, HPE Apollo 4510 Gen10 System, HPE Apollo 6500 Gen10 Plus System, HPE Apollo 6500 Gen10 System, HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers, HPE ProLiant BL460c Gen10 Server Blade, HPE ProLiant DL110 Gen11, HPE ProLiant DL120 Gen10 Server, HPE ProLiant DL160 Gen10 server, HPE ProLiant DL180 Gen10 server, HPE ProLiant DL20 Gen10 server, HPE ProLiant DL320 Gen11, HPE ProLiant DL325 Gen10 Plus server, HPE ProLiant DL325 Gen10 Plus v2 server, HPE ProLiant DL325 Gen10 server, HPE ProLiant DL325 Gen11, HPE ProLiant DL345 Gen10 Plus server, HPE ProLiant DL345 Gen11, HPE ProLiant DL360 Gen10 Plus server, HPE ProLiant DL360 Gen10 server, HPE ProLiant DL360 Gen11, HPE ProLiant DL365 Gen10 Plus server, HPE ProLiant DL365 Gen11, HPE ProLiant DL380 Gen10 Plus server, HPE ProLiant DL380 Gen10 server, HPE ProLiant DL380 Gen11, HPE ProLiant DL380a Gen11, HPE ProLiant DL385 Gen10 Plus server, HPE ProLiant DL385 Gen10 Plus v2 server, HPE ProLiant DL385 Gen10 server, HPE ProLiant DL385 Gen11, HPE ProLiant DL388 Gen10 server, HPE ProLiant DL560 Gen10 server, HPE ProLiant DL560 Gen11, HPE ProLiant DL580 Gen10 server, HPE ProLiant DX170r Gen10 server, HPE ProLiant DX190r Gen10 server, HPE ProLiant DX360 Gen10 server, HPE ProLiant DX365 Gen11, HPE ProLiant DX380 Gen10 server, HPE ProLiant DX385 Gen10 Plus server, HPE ProLiant DX4200 Gen10 server, HPE ProLiant DX560 Gen10 server, HPE ProLiant ML110 Gen10 server, HPE ProLiant ML110 Gen11, HPE ProLiant ML30 Gen10 server, HPE ProLiant ML350 Gen10 server, HPE ProLiant ML350 Gen11, HPE ProLiant MicroServer Gen10, HPE ProLiant MicroServer Gen10 Plus, HPE ProLiant RL300 Gen11, HPE ProLiant XL170r Gen10 Server, HPE ProLiant XL190r Gen10 Server, HPE ProLiant XL220n Gen10 Plus Server, HPE ProLiant XL230k Gen10 Server, HPE ProLiant XL270d Gen10 Server, HPE ProLiant XL290n Gen10 Plus Server, HPE ProLiant XL450 Gen10 Server

Links

No external links available for this bug

Relevant Products

Click on a version to see all relevant bugs

Affected versions:HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Affected versions:HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers

Fixed versions: No known fixed versions

Top Hewlett Packard Enterprise Defects

7.5Defect ID: a00150697en_us
Advisory: (Revision) HPE Network Adapters - HPE Intel E810-Based Network Adapters May Experience a D1 Bugcheck BSOD After Updating the Intel ice68a.sys Driver to v1.15.121.0
6.3Defect ID: a00143662en_us
Advisory: (Revision) VMware - HPE ProLiant DL345 / DL365 / DL385 Gen11 Platforms Running VMware ESXi 8.0 U2 / U3 May Experience the Purple Diagnostic Screen "PSOD error @BlueScreen: NMI IPI: Panic requested by another PCPU. RIPOFF(base)"
6.3Defect ID: a00149683en_us
Advisory: (Revision) HPE Integrated Lights-Out 7 (iLO 7) - Unable to Communicate to iLO 7 v1.13.01 (or earlier) from Host Applications Using Application Accounts
6.3Defect ID: a00150602en_us
Advisory: (Revision) Integrated Smart Update Tools (iSUT) - Component Firmware Updates May Remain at a Pending State in the HPE Integrated Lights-Out (iLO) Installation Queue When Running VMware ESXi 8.0/9.0
6.0Defect ID: a00148019en_us
Advisory: (Revision) HPE ProLiant DL325/DL345/DL365/DL385 Gen11 - After An Upgrade To System ROM v2.40 On Windows Server, the AMD Host System Management Port (HSMP) Will Display a Yellow Exclamation Point In Device Manager

Hewlett Packard Enterprise Integration

Learn more about where this data comes from

Hewlett Packard Enterprise Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Hewlett Packard Enterprise - Defect ID: a00136386en_us

HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Online ROM Flash Component for Linux Fails to Update iLO Firmware when the Security State in iLO Is Set to High Security, FIPS or CNSA Mode

Hewlett Packard Enterprise - Defect ID: a00136386en_us

HPE Integrated Lights-Out 6 (iLO 6) and iLO 5 Online ROM Flash Component for Linux Fails to Update iLO Firmware when the Security State in iLO Is Set to High Security, FIPS or CNSA Mode

Last updated on December 6th, 2023

BugZero Risk Score4.2 Medium

Bug Details

Summary

Scope

Resolution

Affected OS

Links

Top Hewlett Packard Enterprise Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
4.2 Medium