CVE-2023-28084 – HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
https://notcve.org/view.php?id=CVE-2023-28084
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04468en_us https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us • CWE-522: Insufficiently Protected Credentials •
CVE-2023-28085
https://notcve.org/view.php?id=CVE-2023-28085
An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04468en_us •
CVE-2022-37927
https://notcve.org/view.php?id=CVE-2022-37927
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD). Vulnerabilidad de redirección de URL a un sitio que no es de confianza ("Open Redirect") en Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD). • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04370en_us • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2021-29217
https://notcve.org/view.php?id=CVE-2021-29217
A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard. Se ha detectado una vulnerabilidad de redireccionamiento de URL remota en HPE OneView Global Dashboard versiones: Anteriores a 2.5. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView Global Dashboard • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04228en_us • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2021-29216
https://notcve.org/view.php?id=CVE-2021-29216
A remote cross-site scripting vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard. Se ha detectado una vulnerabilidad de tipo cross-site scripting remoto en HPE OneView Global Dashboard versiones: Anteriores a 2.5. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView Global Dashboard • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04228en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •