HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
HPE OneView may allow command injection with local privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-01-23
Updated
2024-01-29
A remote authentication bypass issue exists in some OneView APIs.
Max CVSS
9.8
EPSS Score
0.14%
Published
2023-09-14
Updated
2023-09-19
A remote authentication bypass issue exists in a OneView API.
Max CVSS
9.8
EPSS Score
0.31%
Published
2023-09-07
Updated
2023-09-13
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-14
Updated
2023-04-21
An HPE OneView appliance dump may expose SNMPv3 read credentials
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
Max CVSS
7.1
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose SAN switch administrative credentials
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose OneView user accounts
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose proxy credential settings
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
HPE OneView may have a missing passphrase during restore.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-08-31
Updated
2022-09-07
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
9.8
EPSS Score
0.34%
Published
2022-05-17
Updated
2022-05-25
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
9.8
EPSS Score
0.18%
Published
2022-05-17
Updated
2022-05-26
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-05-17
Updated
2022-05-25
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
7.5
EPSS Score
0.17%
Published
2022-04-04
Updated
2022-04-13
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-04-04
Updated
2022-04-12
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.
Max CVSS
8.8
EPSS Score
0.36%
Published
2020-11-06
Updated
2021-07-21
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
Max CVSS
6.5
EPSS Score
0.24%
Published
2014-05-08
Updated
2019-10-09
22 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!