CVE-2022-28624: XSS
First published: Fri Jul 08 2022(Updated: )
A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hpe Flexnetwork 5130 Ei Firmware | =7.10.r3507p02 | |
| Hpe Flexnetwork 5130 Ei | ||
| Hpe Flexfabric 5945 Firmware | =7.10.r6635 | |
| HPE FlexFabric 5945 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-28624?
The severity of CVE-2022-28624 is medium.
What is the vulnerability in HPE FlexNetwork and FlexFabric switch products?
The vulnerability in HPE FlexNetwork and FlexFabric switch products is cross site scripting (XSS).
How can the vulnerability be exploited?
The vulnerability can be remotely exploited.
Which software updates resolve the vulnerability?
The software updates to resolve the vulnerability are available on the HPE support website.
What is the Common Weakness Enumeration (CWE) for this vulnerability?
The Common Weakness Enumeration (CWE) for this vulnerability is CWE-79.
- collector/nvd-index
- agent/severity
- agent/references
- agent/tags
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/hpe
- canonical/hpe flexnetwork 5130 ei firmware
- version/hpe flexnetwork 5130 ei firmware/7.10.r3507p02
- canonical/hpe flexnetwork 5130 ei
- canonical/hpe flexfabric 5945 firmware
- version/hpe flexfabric 5945 firmware/7.10.r6635
- canonical/hpe flexfabric 5945