CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28087
https://notcve.org/view.php?id=CVE-2023-28087
An HPE OneView appliance dump may expose OneView user accounts • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28086
https://notcve.org/view.php?id=CVE-2023-28086
An HPE OneView appliance dump may expose proxy credential settings • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28625
https://notcve.org/view.php?id=CVE-2022-28625
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de divulgación local de información confidencial HPE OneView: Versiones anteriores a 7.0 o 6.60.01. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04304en_us • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28616
https://notcve.org/view.php?id=CVE-2022-28616
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo server-side request forgery (ssrf) remoto en HPE OneView versiones: Anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23706
https://notcve.org/view.php?id=CVE-2022-23706
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo cross-site scripting (xss) remoto en HPE OneView versiones anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •