Hpe: Security Vulnerabilities
An authenticated remote code execution vulnerability
exists in the AOS-CX Network Analytics Engine. Successful
exploitation of this vulnerability results in the ability to
execute arbitrary code as a privileged user on the underlying
operating system, leading to a complete compromise of the
switch running AOS-CX.
CVSS Score
7.2
EPSS Score
0.015
Published
2023-03-22
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8.
CVSS Score
2.3
EPSS Score
0.0
Published
2023-03-10
Unauthenticated Java deserialization vulnerability in Serviceguard Manager
CVSS Score
9.8
EPSS Score
0.004
Published
2023-03-01
Pre-auth memory corruption in HPE Serviceguard
CVSS Score
9.8
EPSS Score
0.002
Published
2023-03-01
Unauthenticated server side request forgery in HPE Serviceguard Manager
CVSS Score
9.8
EPSS Score
0.002
Published
2023-03-01
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.
CVSS Score
6.8
EPSS Score
0.006
Published
2023-01-05
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-01-05
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
CVSS Score
6.1
EPSS Score
0.002
Published
2022-12-12
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
CVSS Score
8.0
EPSS Score
0.002
Published
2022-12-12
Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
CVSS Score
6.7
EPSS Score
0.001
Published
2022-12-12