Latest Hpe Vulnerabilities

CVE-2023-50272
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication...
>=2.63<=3.00
>=1.05<=1.55
CVE-2023-30912
A remote code execution issue exists in HPE OneView.
HPE OneView<8.60.00
CVE-2023-30911
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
Hpe Integrated Lights-out 5 Firmware<2.98
Hpe Apollo 2000 System
Hpe Apollo 4200 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
and 71 more
CVE-2023-30910
HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. 
Hpe Msa 1060 Storage Firmware<in210r004
Hpe Msa 1060 Storage
Hpe Msa 2060 Storage Firmware<in210r004
Hpe Msa 2060 Storage
Hpe Msa 2062 Storage Firmware<in210r004
Hpe Msa 2062 Storage
CVE-2023-39268
A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in...
Hpe Arubaos-switch<a.15.16.0026
Hpe Arubaos-switch>=16.01.0000<16.04.0027
Hpe Arubaos-switch>=16.05.0000<16.08.0027
Hpe Arubaos-switch>=16.10.0001<16.10.0024
Hpe Arubaos-switch>=16.11.0001<16.11.0013
Arubanetworks Aruba 2530
and 9 more
CVE-2023-39266
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface prov...
Hpe Arubaos-switch<a.15.16.0026
Hpe Arubaos-switch>=16.01.0000<16.04.0027
Hpe Arubaos-switch>=16.05.0000<16.08.0027
Hpe Arubaos-switch>=16.10.0001<16.10.0024
Hpe Arubaos-switch>=16.11.0001<16.11.0013
Arubanetworks Aruba 2530
and 9 more
CVE-2023-39267
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch.
Hpe Arubaos-switch<a.15.16.0026
Hpe Arubaos-switch>=16.01.0000<16.04.0027
Hpe Arubaos-switch>=16.05.0000<16.08.0027
Hpe Arubaos-switch>=16.10.0001<16.10.0024
Hpe Arubaos-switch>=16.11.0001<16.11.0013
Arubanetworks Aruba 2530
and 9 more
CVE-2023-3718
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the...
Hpe Arubaos-cx>=10.10.0000<=10.10.1050
Hpe Arubaos-cx>=10.11.0000<=10.11.1010
Hpe Aruba Cx 10000-48y6
Hpe Aruba Cx 4100i
Hpe Aruba Cx 6000 12g
Hpe Aruba Cx 6000 24g
and 22 more
CVE-2023-30906
The vulnerability could be locally exploited to allow escalation of privilege.
HPE Intelligent Provisioning<2.87
CVE-2023-30904
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
HPE Insight Remote Support>=7.12<7.12.0.545
CVE-2023-30905
The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege.
Hpe Sgi Uv 300 Rmc Firmware<=1.2.7
Hpe Sgi Uv 300 Rmc
Hpe Integrity Mc990 X Server Rmc Firmware<=1.2.7
Hpe Integrity Mc990 X Server Rmc
CVE-2023-28084
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
HP OneView<6.60.04
HP OneView>=7.0<8.2
HPE OneView Global Dashboard<2.72
CVE-2023-28085
An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials
HPE OneView Global Dashboard<2.72
CVE-2023-28083
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software update...
HP Integrated Lights-Out 4<2.82
Hpe Apollo 4200 Gen9 Server
Hpe Apollo R2000 Chassis
Hpe Proliant Bl420c Gen8 Server
Hpe Proliant Bl460c Gen8 Server Blade
Hpe Proliant Bl460c Gen9 Server Blade
and 156 more
CVE-2023-1168
An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a ...
Hpe Arubaos-cx>=10.06.0000<10.06.0240
Hpe Arubaos-cx>=10.08.0000<=10.08.1070
Hpe Arubaos-cx>=10.09.0000<=10.09.1020
Hpe Arubaos-cx>=10.10.0000<10.10.1030
Hpe Aruba Cx 10000-48y6
Hpe Aruba Cx 6200f 48g
and 17 more
CVE-2022-37939
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has ma...
Hpe Superdome Flex 280 Server Firmware<1.45.8
HPE Superdome Flex 280 Server
Hpe Superdome Flex Server Firmware<3.65.8
HPE Superdome Flex Server
CVE-2022-37936
Unauthenticated Java deserialization vulnerability in Serviceguard Manager
Hpe Serviceguard For Linux<a.12.80.05
CVE-2022-37938
Unauthenticated server side request forgery in HPE Serviceguard Manager
Hpe Serviceguard For Linux<a.12.80.05
CVE-2022-37934
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE Offic...
Hp Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Firmware<pt.02.17
Hp Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a
Hp Officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a Firmware<pt.02.17
Hp Officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a
Hp Officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a Firmware<pt.02.17
Hp Officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a
and 14 more
CVE-2022-37933
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has ma...
Hpe Superdome Flex 280 Firmware<1.40.60
Hpe Superdome Flex 280
HPE Superdome Flex firmware<3.60.50
HPE Superdome Flex
CVE-2022-37932
A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authen...
Hpe Officeconnect 1820 J9979a Firmware<pt.02.14
Hpe Officeconnect 1820 J9979a
Hpe Officeconnect 1820 J9982a Firmware<pt.02.14
Hpe Officeconnect 1820 J9982a
Hpe Officeconnect 1820 J9980a Firmware<pt.02.14
Hpe Officeconnect 1820 J9980a
and 32 more
CVE-2022-37928
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
<5.2.1.900
=5.3.0.0
<5.2.1.900
=5.3.0.0
and 21 more
CVE-2022-37927
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
HPE OneView Global Dashboard<2.7
CVE-2022-37929
Improper Privilege Management vulnerability in Hewlett Packard Enterprise Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
<5.2.1.900
=5.3.0.0
<5.2.1.900
=5.3.0.0
and 21 more
CVE-2021-46846
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
Hp Integrated Lights-out 5 Firmware<2.44
Hp 3par Service Processor
Hp Apollo R2000 Chassis
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
and 39 more
CVE-2022-28637
A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated...
Hpe Integrated Lights-out 5 Firmware<2.72
Hp Apollo 4200 Gen10 Server
Hp Apollo 4500
Hp Apollo R2000 Chassis
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Plus System
and 71 more
CVE-2022-28639
A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability ...
Hpe Integrated Lights-out 5 Firmware<2.72
Hp Apollo 4200 Gen10 Server
Hp Apollo 4500
Hp Apollo R2000 Chassis
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Plus System
and 71 more
CVE-2022-28640
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (i...
Hpe Integrated Lights-out 5 Firmware<2.72
Hp Apollo 4200 Gen10 Server
Hp Apollo 4500
Hp Apollo R2000 Chassis
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Plus System
and 71 more
CVE-2022-28638
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability we...
Hpe Integrated Lights-out 5 Firmware<2.72
Hp Apollo 4200 Gen10 Server
Hp Apollo 4500
Hp Apollo R2000 Chassis
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Plus System
and 71 more
CVE-2022-28627
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28632
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A...
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28634
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerabili...
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28630
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28626
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerabili...
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28636
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prio...
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28631
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A...
Hpe Integrated Lights-out 5 Firmware<2.71
Hpe Apollo 2000 Gen10 Plus System
Hpe Apollo 4200 Gen10 Server
Hpe Apollo 4510 Gen10 System
Hpe Apollo 6500 Gen10 Plus System
Hpe Apollo 6500 Gen10 System
and 69 more
CVE-2022-28623
Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve thes...
Hpe Icewall Sso Certd=10.0
HP HP-UX
Redhat Enterprise Linux
CVE-2022-28624
A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE...
Hpe Flexnetwork 5130 Ei Firmware=7.10.r3507p02
Hpe Flexnetwork 5130 Ei
Hpe Flexfabric 5945 Firmware=7.10.r6635
HPE FlexFabric 5945
CVE-2022-28621
A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. HPE has provided a software update to resolve this vulnerability in HPE NonStop ...
Hpe Nonstop Distributed Systems Management \/ Software Configuration Manager=t6031h03\^adp
CVE-2022-28622
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the ...
Hpe Storeonce 3640 Firmware<4.3.2
Hpe Storeonce 3640
CVE-2022-28620
A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associ...
Hpe Slingshot Firmware<1.7.2
HPE Slingshot
Hpe Cray Ex Supercomputers Firmware=1.4.27
Hpe Cray Ex Supercomputers Firmware=1.5.33
Hpe Cray Ex Supercomputers Firmware=1.6.27
HPE Cray EX supercomputers
and 12 more
CVE-2022-28619
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the followi...
Hpe Control Repository Manager<7.6.14.0
CVE-2022-28618
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could a...
Hpe Nimbleos<5.0.10.100
Hpe Nimbleos>=5.1.0.0<5.2.1.500
Hpe Nimbleos>=5.3.0.0<6.0.0.100
HPE Nimble Storage All Flash Arrays
HPE Nimble Storage Hybrid Flash Arrays
HPE Nimble Storage Secondary Flash Arrays
CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Ou...
HP Integrated Lights-Out 4<2.80
Hpe Apollo 4200 Gen9 Server
Hpe Proliant Bl420c Gen8 Server
Hpe Proliant Bl460c Gen8 Server Blade
Hpe Proliant Bl460c Gen9 Server Blade
Hpe Proliant Bl465c Gen8 Server Blade
and 53 more
CVE-2022-23705
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow...
Hpe Nimbleos<5.0.10.100
Hpe Nimbleos>=5.1.0.0<5.2.1.500
Hpe Nimbleos=5.3.1.0
CVE-2022-23703
Hpe Nimbleos<5.0.10.100
Hpe Nimbleos>=5.1.0.0<5.2.1.500
Hpe Nimbleos=5.3.1.0
CVE-2022-23702
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to ...
Hpe Superdome Flex Server Firmware<3.50.58
HPE Superdome Flex Server
Hpe Superdome Flex 280 Server Firmware<1.20.204
HPE Superdome Flex 280 Server
CVE-2021-41004
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.
Hpe Aruba Instant On 1930 8g 2sfp Firmware<1.0.7.0
Hpe Aruba Instant On 1930 8g 2sfp
Hpe Aruba Instant On 1930 8g Class4 Poe 2sfp 124w Firmware<1.0.7.0
Hpe Aruba Instant On 1930 8g Class4 Poe 2sfp 124w
Hpe Aruba Instant On 1930 48g Class4 Poe 4sfp\/sfp\+ 370w Firmware<1.0.7.0
Hpe Aruba Instant On 1930 48g Class4 Poe 4sfp\/sfp\+ 370w
and 8 more
CVE-2021-41005
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.
Hpe Aruba Instant On 1930 8g 2sfp Firmware<1.0.7.0
Hpe Aruba Instant On 1930 8g 2sfp
Hpe Aruba Instant On 1930 8g Class4 Poe 2sfp 124w Firmware<1.0.7.0
Hpe Aruba Instant On 1930 8g Class4 Poe 2sfp 124w
Hpe Aruba Instant On 1930 48g Class4 Poe 4sfp\/sfp\+ 370w Firmware<1.0.7.0
Hpe Aruba Instant On 1930 48g Class4 Poe 4sfp\/sfp\+ 370w
and 8 more
CVE-2021-41003
Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 S...
Hpe Arubaos-cx>=10.06.0001<=10.06.0170
Hpe Arubaos-cx>=10.07.0001<=10.07.0050
Hpe Arubaos-cx>=10.08.0001<=10.08.1030
Hpe Arubaos-cx>=10.09.0001<=10.09.0002
Hpe Aruba 8320
Hpe Aruba 8325-32-c
and 12 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203