critical
9.8
Advisory Published
Updated

CVE-2022-37932

First published: Wed Nov 30 2022(Updated: )

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

Credit: security-alert@hpe.com

Affected SoftwareAffected VersionHow to fix
Hpe Officeconnect 1820 J9979a Firmware<pt.02.14
Hpe Officeconnect 1820 J9979a
Hpe Officeconnect 1820 J9982a Firmware<pt.02.14
Hpe Officeconnect 1820 J9982a
Hpe Officeconnect 1820 J9980a Firmware<pt.02.14
Hpe Officeconnect 1820 J9980a
Hpe Officeconnect 1820 J9983a Firmware<pt.02.14
Hpe Officeconnect 1820 J9983a
Hpe Officeconnect 1820 J9981a Firmware<pt.02.14
Hpe Officeconnect 1820 J9981a
Hpe Officeconnect 1820 J9984a Firmware<pt.02.14
Hpe Officeconnect 1820 J9984a
Hpe Officeconnect 1850 24g 2xgt Poe\+ Firmware<pc.01.22
Hpe Officeconnect 1850 24g 2xgt Poe\+
Hpe Officeconnect 1850 24g 2xgt Firmware<pc.01.22
Hpe Officeconnect 1850 24g 2xgt
Hpe Officeconnect 1850 48g 4xgt Poe\+ Firmware<pc.01.22
Hpe Officeconnect 1850 48g 4xgt Poe\+
Hpe Officeconnect 1850 48g 4xgt Firmware<pc.01.22
Hpe Officeconnect 1850 48g 4xgt
Hpe Officeconnect 1850 6xgt Firmware<po.01.21
Hpe Officeconnect 1850 6xgt
Hpe Officeconnect 1850 2xgt\/spf\+ Firmware<po.01.21
Hpe Officeconnect 1850 2xgt\/spf\+
Hpe Officeconnect 1920s 24g 2sfp Poe\+ Firmware<pd.02.22
Hpe Officeconnect 1920s 24g 2sfp Poe\+
Hpe Officeconnect 1920s 24g 2sfp Ppoe\+ Firmware<pd.02.22
Hpe Officeconnect 1920s 24g 2sfp Ppoe\+
Hpe Officeconnect 1920s 24g 2sfp Firmware<pd.02.22
Hpe Officeconnect 1920s 24g 2sfp
Hpe Officeconnect 1920s 48g 4sfp Ppoe\+ Firmware<pd.02.22
Hpe Officeconnect 1920s 48g 4sfp Ppoe\+
Hpe Officeconnect 1920s 48g 4sfp Firmware<pd.02.22
Hpe Officeconnect 1920s 48g 4sfp
Hpe Officeconnect 1920s 8g Ppoe\+ Firmware<pd.02.22
Hpe Officeconnect 1920s 8g Ppoe\+
Hpe Officeconnect 1920s 8g Firmware<pd.02.22
Hpe Officeconnect 1920s 8g

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-37932?

    The severity of CVE-2022-37932 is critical with a severity value of 9.8.

  • How can CVE-2022-37932 be exploited?

    CVE-2022-37932 can be remotely exploited to allow authentication bypass.

  • Which software versions are affected by CVE-2022-37932?

    Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S network switches with certain firmware versions are affected by CVE-2022-37932.

  • How can I fix CVE-2022-37932?

    HPE has released software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect switches affected by CVE-2022-37932.

  • Where can I find more information about CVE-2022-37932?

    More information about CVE-2022-37932 can be found at the following reference: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203