Hpe: Security Vulnerabilities
A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. HPE has provided a software update to resolve this vulnerability in HPE NonStop DSM/SCM.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-28
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-27
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager installer 7.6.14.0.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-06-24
A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. HPE has provided a software update to resolve this vulnerability in HPE Cray Legacy Shasta System Solutions, HPE Slingshot, and HPE Cray EX Supercomputers.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.
CVSS Score
9.8
EPSS Score
0.03
Published
2022-05-20
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-05-09
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-05-09
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.
CVSS Score
6.7
EPSS Score
0.001
Published
2022-04-12
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would potentially allow an attacker to intercept and modify network communication for software updates initiated by the Nimble appliance. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 5.0.10.100, 5.2.1.500, 6.0.0.100
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-12
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-04-12