Vulnerabilities > CVE-2022-23702 - Unspecified vulnerability in HPE products

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

hpe

NVD

Published: 2022-04-12

Updated: 2023-08-08

Summary

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.

Vulnerable Configurations

Part	Description	Count
OS	Hpe HPE Superdome Flex Server Firmware 3.20.186 HPE Superdome Flex Server Firmware 3.20.206 HPE Superdome Flex Server Firmware 3.25.46 HPE Superdome Flex Server Firmware 3.30.142 HPE Superdome Flex Server Firmware 3.40.106 HPE Superdome Flex 280 Server Firmware -	6
Hardware	Hpe HPE Superdome Flex Server - HPE Superdome Flex 280 Server -	2

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04266en_us