VYPR

Telco Service Orchestrator

by HPE

CVEs (2)

  • CVE-2025-37184CriJan 14, 2026
    risk 0.64cvss 9.8epss 0.01

    A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor…

  • CVE-2025-37104HigJul 16, 2025
    risk 0.46cvss 7.1epss 0.00

    A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized…