8 results (0.002 seconds)

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04721en_us&docLocale=en_US • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A remote code execution issue exists in HPE OneView. Existe un problema de ejecución remota de código en HPE OneView. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise OneView. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Backup functionality. The issue results from the product's use of a hard-coded cryptographic key. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04548en_us • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04468en_us https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us • CWE-522: Insufficiently Protected Credentials •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04468en_us •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD). Vulnerabilidad de redirección de URL a un sitio que no es de confianza ("Open Redirect") en Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD). • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04370en_us • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •