OneView
by HPE
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-30909 | Cri | 0.64 | 9.8 | 0.01 | Sep 14, 2023 | A remote authentication bypass issue exists in some OneView APIs. | ||
| CVE-2023-30908 | Cri | 0.64 | 9.8 | 0.01 | Sep 7, 2023 | A remote authentication bypass issue exists in a OneView API. | ||
| CVE-2023-50274 | Hig | 0.51 | 7.8 | 0.01 | Jan 23, 2024 | HPE OneView may allow command injection with local privilege escalation. | ||
| CVE-2023-28088 | Hig | 0.51 | 7.8 | 0.00 | Apr 25, 2023 | An HPE OneView appliance dump may expose SAN switch administrative credentials | ||
| CVE-2023-50275 | Hig | 0.49 | 7.5 | 0.01 | Jan 23, 2024 | HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | ||
| CVE-2023-30912 | Hig | 0.47 | 7.2 | 0.01 | Oct 25, 2023 | A remote code execution issue exists in HPE OneView. | ||
| CVE-2023-28089 | Hig | 0.46 | 7.1 | 0.00 | Apr 25, 2023 | An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | ||
| CVE-2023-6573 | Med | 0.36 | 5.5 | 0.00 | Jan 23, 2024 | HPE OneView may have a missing passphrase during restore. | ||
| CVE-2023-28084 | Med | 0.36 | 5.5 | 0.00 | Apr 25, 2023 | HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | ||
| CVE-2023-28090 | Med | 0.36 | 5.5 | 0.00 | Apr 25, 2023 | An HPE OneView appliance dump may expose SNMPv3 read credentials | ||
| CVE-2023-28087 | Med | 0.36 | 5.5 | 0.00 | Apr 25, 2023 | An HPE OneView appliance dump may expose OneView user accounts | ||
| CVE-2023-28086 | Med | 0.36 | 5.5 | 0.00 | Apr 25, 2023 | An HPE OneView appliance dump may expose proxy credential settings | ||
| CVE-2023-28091 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2023 | HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump |
- risk 0.64cvss 9.8epss 0.01
A remote authentication bypass issue exists in some OneView APIs.
- risk 0.64cvss 9.8epss 0.01
A remote authentication bypass issue exists in a OneView API.
- risk 0.51cvss 7.8epss 0.01
HPE OneView may allow command injection with local privilege escalation.
- risk 0.51cvss 7.8epss 0.00
An HPE OneView appliance dump may expose SAN switch administrative credentials
- risk 0.49cvss 7.5epss 0.01
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
- risk 0.47cvss 7.2epss 0.01
A remote code execution issue exists in HPE OneView.
- risk 0.46cvss 7.1epss 0.00
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
- risk 0.36cvss 5.5epss 0.00
HPE OneView may have a missing passphrase during restore.
- risk 0.36cvss 5.5epss 0.00
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
- risk 0.36cvss 5.5epss 0.00
An HPE OneView appliance dump may expose SNMPv3 read credentials
- risk 0.36cvss 5.5epss 0.00
An HPE OneView appliance dump may expose OneView user accounts
- risk 0.36cvss 5.5epss 0.00
An HPE OneView appliance dump may expose proxy credential settings
- risk 0.36cvss 5.5epss 0.00
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump