HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
HPE OneView may allow command injection with local privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-01-23
Updated
2024-01-29
A remote authentication bypass issue exists in some
OneView APIs.
Max CVSS
9.8
EPSS Score
0.14%
Published
2023-09-14
Updated
2023-09-19
A remote authentication bypass issue exists in a OneView API.
Max CVSS
9.8
EPSS Score
0.31%
Published
2023-09-07
Updated
2023-09-13
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-14
Updated
2023-04-21
An HPE OneView appliance dump may expose SNMPv3 read credentials
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose SAN switch administrative credentials
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose OneView user accounts
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose proxy credential settings
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
HPE OneView may have a missing passphrase during restore.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-08-31
Updated
2022-09-07
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
9.8
EPSS Score
0.34%
Published
2022-05-17
Updated
2022-05-25
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
9.8
EPSS Score
0.18%
Published
2022-05-17
Updated
2022-05-26
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-05-17
Updated
2022-05-25
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
7.5
EPSS Score
0.17%
Published
2022-04-04
Updated
2022-04-13
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-04-04
Updated
2022-04-12
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.
Max CVSS
8.8
EPSS Score
0.36%
Published
2020-11-06
Updated
2021-07-21
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
Max CVSS
6.5
EPSS Score
0.24%
Published
2014-05-08
Updated
2019-10-09
22 vulnerabilities found