OneView for VMware vCenter (OV4VC)
by HPE
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-37101 | Hig | 0.57 | 8.7 | 0.00 | Jun 26, 2025 | A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions). | ||
| CVE-2022-37935 | 0.00 | — | 0.00 | Feb 18, 2023 | HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | |||
| CVE-2021-26584 | 0.00 | — | 0.01 | Jun 3, 2021 | A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC). | |||
| CVE-2019-11992 | 0.00 | — | 0.01 | Dec 18, 2019 | A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting. |
- risk 0.57cvss 8.7epss 0.00
A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions).
- CVE-2022-37935Feb 18, 2023risk 0.00cvss —epss 0.00
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password.
- CVE-2021-26584Jun 3, 2021risk 0.00cvss —epss 0.01
A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC).
- CVE-2019-11992Dec 18, 2019risk 0.00cvss —epss 0.01
A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.