CVE-2022-23697
https://notcve.org/view.php?id=CVE-2022-23697
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo cross-site scripting (xss) remoto en HPE OneView versión(es): Anteriores a 6.6. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04252en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-7198
https://notcve.org/view.php?id=CVE-2020-7198
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2. Se presenta una posible escalada de privilegios remota para un usuario malicioso que posee una cuenta de OneView en OneView y Synergy Composer. HPE ha proporcionado actualizaciones para Oneview y Synergy Composer: Actualice a la versión 5.5 de OneView, Composer o Composer2 • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04047en_us •
CVE-2014-2602
https://notcve.org/view.php?id=CVE-2014-2602
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en HP OneView 1.0 y 1.01 permite a usuarios remotos autenticados ganar privilegios a través de vectores desconocidos. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04273152 •