Vulnerability Details CVE-2022-28625
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.0%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2022-28625
-
cpe:2.3:a:hp:oneview:-
-
cpe:2.3:a:hp:oneview:1.0
-
cpe:2.3:a:hp:oneview:1.01
-
cpe:2.3:a:hp:oneview:5.0
-
cpe:2.3:a:hp:oneview:5.00.01
-
cpe:2.3:a:hp:oneview:5.00.02
-
cpe:2.3:a:hp:oneview:5.2
-
cpe:2.3:a:hp:oneview:5.20.01
-
cpe:2.3:a:hp:oneview:5.3
-
cpe:2.3:a:hp:oneview:5.4
-
cpe:2.3:a:hp:oneview:5.5
-
cpe:2.3:a:hp:oneview:5.6
-
cpe:2.3:a:hp:oneview:6.0
-
cpe:2.3:a:hp:oneview:6.00.01
-
cpe:2.3:a:hp:oneview:6.1
-
cpe:2.3:a:hp:oneview:6.2
-
cpe:2.3:a:hp:oneview:6.3
-
cpe:2.3:a:hp:oneview:6.4
-
cpe:2.3:a:hp:oneview:6.5
-
cpe:2.3:a:hp:oneview:6.6