CVE-2023-28087
https://notcve.org/view.php?id=CVE-2023-28087
An HPE OneView appliance dump may expose OneView user accounts • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us •
CVE-2023-28086
https://notcve.org/view.php?id=CVE-2023-28086
An HPE OneView appliance dump may expose proxy credential settings • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us •
CVE-2023-28091
https://notcve.org/view.php?id=CVE-2023-28091
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04467en_us •
CVE-2022-28616
https://notcve.org/view.php?id=CVE-2022-28616
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo server-side request forgery (ssrf) remoto en HPE OneView versiones: Anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2022-23706
https://notcve.org/view.php?id=CVE-2022-23706
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo cross-site scripting (xss) remoto en HPE OneView versiones anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •