Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2021-02-09 CVE-2021-25140 Path Traversal vulnerability in HP Moonshot Provisioning Manager 1.20
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20.
network
low complexity
hp CWE-22
critical
10.0
2021-02-09 CVE-2021-25139 Out-Of-Bounds Write vulnerability in HP Moonshot Provisioning Manager 1.20
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20.
network
low complexity
hp CWE-787
critical
10.0
2021-01-05 CVE-2020-7202 Information Exposure vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.
network
low complexity
hp CWE-200
5.0
2020-12-18 CVE-2020-7203 Unspecified vulnerability in HP ILO Amplifier Pack 1.70
A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70.
network
low complexity
hp
7.5
2020-12-18 CVE-2020-7201 Cross-Site Request Forgery (CSRF) vulnerability in HP products
A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders.
network
hp CWE-352
6.8
2020-12-18 CVE-2020-7200 Unspecified vulnerability in HP Systems Insight Manager 7.6
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6.
network
low complexity
hp
7.5
2020-12-02 CVE-2020-7199 Improper Authentication vulnerability in HP Edgeline Infrastructure Manager
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software.
network
low complexity
hp CWE-287
critical
10.0
2020-11-06 CVE-2020-7198 Improper Privilege Management vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer.
network
low complexity
hp CWE-269
6.5
2020-11-05 CVE-2020-7207 Improper Privilege Management vulnerability in HP products
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE).
local
low complexity
hp CWE-269
7.2
2020-10-26 CVE-2020-7197 Improper Authentication vulnerability in HP Storeserv Management Console
SSMC3.7.0.0 is vulnerable to remote authentication bypass.
network
low complexity
hp CWE-287
7.5