Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Hp Subscribe
Filtered by product Oneview
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28625 1 Hp 1 Oneview 2022-09-07 N/A 5.5 MEDIUM
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-28616 1 Hp 1 Oneview 2022-05-25 7.5 HIGH 9.8 CRITICAL
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-23706 1 Hp 1 Oneview 2022-05-25 4.3 MEDIUM 6.1 MEDIUM
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-28617 1 Hp 1 Oneview 2022-05-25 7.5 HIGH 9.8 CRITICAL
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-23700 1 Hp 1 Oneview 2022-04-13 2.1 LOW 5.5 MEDIUM
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-23699 1 Hp 1 Oneview 2022-04-13 4.6 MEDIUM 7.8 HIGH
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-23698 1 Hp 1 Oneview 2022-04-13 5.0 MEDIUM 7.5 HIGH
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2022-23697 1 Hp 1 Oneview 2022-04-12 4.3 MEDIUM 6.1 MEDIUM
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVE-2020-7198 1 Hp 3 Oneview, Synergy Composer, Synergy Composer 2 2021-07-21 6.5 MEDIUM 8.8 HIGH
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.
CVE-2014-2602 1 Hp 1 Oneview 2019-10-09 6.5 MEDIUM N/A
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.