Filtered by vendor Hpe
Subscriptions
Total
153 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-23702 | 1 Hpe | 4 Superdome Flex 280 Server, Superdome Flex 280 Server Firmware, Superdome Flex Server and 1 more | 2024-08-03 | 6.7 Medium |
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later. | ||||
CVE-2023-50272 | 1 Hpe | 4 Integrated Lights-out 5, Integrated Lights-out 5 Firmware, Integrated Lights-out 6 and 1 more | 2024-08-02 | 7.5 High |
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication bypass. | ||||
CVE-2023-39267 | 2 Arubanetworks, Hpe | 11 Aruba 2530, Aruba 2530ya, Aruba 2530yb and 8 more | 2024-08-02 | 6.6 Medium |
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch. | ||||
CVE-2023-39266 | 2 Arubanetworks, Hpe | 11 Aruba 2530, Aruba 2530ya, Aruba 2530yb and 8 more | 2024-08-02 | 8.3 High |
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. | ||||
CVE-2023-39268 | 2 Arubanetworks, Hpe | 11 Aruba 2530, Aruba 2530ya, Aruba 2530yb and 8 more | 2024-08-02 | 4.5 Medium |
A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
CVE-2023-30906 | 1 Hpe | 1 Intelligent Provisioning | 2024-08-02 | 7.5 High |
The vulnerability could be locally exploited to allow escalation of privilege. | ||||
CVE-2023-30905 | 1 Hpe | 4 Integrity Mc990 X Server Rmc, Integrity Mc990 X Server Rmc Firmware, Sgi Uv 300 Rmc and 1 more | 2024-08-02 | 7.8 High |
The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege. | ||||
CVE-2023-30904 | 1 Hpe | 1 Insight Remote Support | 2024-08-02 | 5.5 Medium |
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information. | ||||
CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2024-08-02 | 5.5 Medium |
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | ||||
CVE-2023-28085 | 1 Hpe | 1 Oneview Global Dashboard | 2024-08-02 | 5.5 Medium |
An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials | ||||
CVE-2023-28083 | 2 Hp, Hpe | 162 Integrated Lights-out 4, Integrated Lights-out 5, Integrated Lights-out 6 and 159 more | 2024-08-02 | 8.3 High |
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out. | ||||
CVE-2023-3718 | 1 Hpe | 27 Aruba Cx 10000-48y6, Aruba Cx 4100i, Aruba Cx 6000 12g and 24 more | 2024-08-02 | 8.8 High |
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker to fully compromise the underlying operating system on the device running AOS-CX. | ||||
CVE-2023-1168 | 1 Hpe | 20 Aruba Cx 10000-48y6, Aruba Cx 6200f 48g, Aruba Cx 6200m 24g and 17 more | 2024-08-02 | 7.2 High |
An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system, leading to a complete compromise of the switch running AOS-CX. |