Filtered by vendor Hp
Subscriptions
Filtered by product Oneview
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-42508 | 1 Hp | 1 Oneview | 2024-10-29 | 5.5 Medium |
| This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users. | ||||
| CVE-2023-6573 | 1 Hp | 1 Oneview | 2024-10-28 | 5.5 Medium |
| HPE OneView may have a missing passphrase during restore. | ||||
| CVE-2023-30909 | 2 Hp, Hpe | 3 Oneview, Oneview, Oneview Global Dashboard | 2024-10-28 | 9.8 Critical |
| A remote authentication bypass issue exists in some OneView APIs. | ||||
| CVE-2014-2602 | 1 Hp | 1 Oneview | 2024-08-06 | N/A |
| Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2020-7198 | 1 Hp | 3 Oneview, Synergy Composer, Synergy Composer 2 | 2024-08-04 | 8.8 High |
| There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2. | ||||
| CVE-2022-28625 | 1 Hp | 1 Oneview | 2024-08-03 | 5.5 Medium |
| A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-28617 | 1 Hp | 1 Oneview | 2024-08-03 | 9.8 Critical |
| A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-28616 | 1 Hp | 1 Oneview | 2024-08-03 | 9.8 Critical |
| A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-23706 | 1 Hp | 1 Oneview | 2024-08-03 | 6.1 Medium |
| A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-23699 | 1 Hp | 1 Oneview | 2024-08-03 | 7.8 High |
| A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-23700 | 1 Hp | 1 Oneview | 2024-08-03 | 5.5 Medium |
| A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-23697 | 1 Hp | 1 Oneview | 2024-08-03 | 6.1 Medium |
| A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2022-23698 | 1 Hp | 1 Oneview | 2024-08-03 | 7.5 High |
| A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | ||||
| CVE-2023-50274 | 1 Hp | 1 Oneview | 2024-08-02 | 7.8 High |
| HPE OneView may allow command injection with local privilege escalation. | ||||
| CVE-2023-50275 | 1 Hp | 1 Oneview | 2024-08-02 | 7.5 High |
| HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | ||||
| CVE-2023-30908 | 1 Hp | 1 Oneview | 2024-08-02 | 9.8 Critical |
| A remote authentication bypass issue exists in a OneView API. | ||||
| CVE-2023-28091 | 1 Hp | 1 Oneview | 2024-08-02 | 5.5 Medium |
| HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | ||||
| CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2024-08-02 | 5.5 Medium |
| HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | ||||
| CVE-2023-28089 | 1 Hp | 1 Oneview | 2024-08-02 | 7.1 High |
| An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | ||||
| CVE-2023-28090 | 1 Hp | 1 Oneview | 2024-08-02 | 5.5 Medium |
| An HPE OneView appliance dump may expose SNMPv3 read credentials | ||||