Latest hp oneview Vulnerabilities

CVE-2023-6573
HPE OneView may have a missing passphrase during restore.
HP OneView<8.70
CVE-2023-50275
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
HP OneView<8.70
CVE-2023-50274
HPE OneView may allow command injection with local privilege escalation.
HP OneView<8.70
CVE-2023-30909
A remote authentication bypass issue exists in some OneView APIs.
HP OneView<8.30.01
CVE-2023-30908
A remote authentication bypass issue exists in a OneView API.
HP OneView<6.60.05
HP OneView>=7.0<8.5
CVE-2023-28084
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
HP OneView<6.60.04
HP OneView>=7.0<8.2
HPE OneView Global Dashboard<2.72
CVE-2023-28086
An HPE OneView appliance dump may expose proxy credential settings
HP OneView<6.60.04
HP OneView<8.2
CVE-2023-28088
An HPE OneView appliance dump may expose SAN switch administrative credentials
HP OneView<6.60.04
HP OneView<8.2
CVE-2023-28089
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
HP OneView<6.60.04
HP OneView<8.2
CVE-2023-28087
An HPE OneView appliance dump may expose OneView user accounts
HP OneView<6.60.04
HP OneView<8.2
CVE-2023-28090
An HPE OneView appliance dump may expose SNMPv3 read credentials
HP OneView<6.60.04
HP OneView<8.2
CVE-2023-28091
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
HP OneView>=7.0<=8.1
CVE-2022-28625
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose ...
HP OneView<6.60.01
CVE-2022-28616
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<7.0
CVE-2022-28617
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<7.0
CVE-2022-23706
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<7.0
CVE-2022-23697
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<6.6
CVE-2022-23700
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<6.6
CVE-2022-23698
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView...
HP OneView<6.6
CVE-2022-23699
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
HP OneView<6.6
CVE-2020-7198
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to ...
HP OneView=5.0
HP OneView=5.00.01
HP OneView=5.00.02
HP OneView=5.2
HP OneView=5.3
HP OneView=5.4
and 15 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203