Vulnerabilities > CVE-2022-37939 - Unspecified vulnerability in HPE products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

hpe

NVD

Published: 2023-03-10

Updated: 2023-11-07

Summary

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8.

Vulnerable Configurations

Part	Description	Count
OS	Hpe HPE Superdome Flex 280 Server Firmware - HPE Superdome Flex 280 Server Firmware 1.20.204 HPE Superdome Flex Server Firmware 3.20.186 HPE Superdome Flex Server Firmware 3.20.206 HPE Superdome Flex Server Firmware 3.25.46 HPE Superdome Flex Server Firmware 3.30.142 HPE Superdome Flex Server Firmware 3.40.106	7
Hardware	Hpe HPE Superdome Flex 280 Server - HPE Superdome Flex Server -	2

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04453en_us