Vulnerabilities > HP
|2021-01-05||CVE-2020-7202|| Information Exposure vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 |
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.
| 5.0 |
|2020-12-18||CVE-2020-7203|| Unspecified vulnerability in HP ILO Amplifier Pack 1.70 |
A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70.
| 7.5 |
|2020-12-18||CVE-2020-7201|| Cross-Site Request Forgery (CSRF) vulnerability in HP products |
A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders.
| 6.8 |
|2020-12-18||CVE-2020-7200|| Unspecified vulnerability in HP Systems Insight Manager 7.6 |
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6.
| 7.5 |
|2020-12-02||CVE-2020-7199|| Improper Authentication vulnerability in HP Edgeline Infrastructure Manager |
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software.
| 10.0 |
|2020-11-06||CVE-2020-7198|| Improper Privilege Management vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2 |
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer.
| 6.5 |
|2020-11-05||CVE-2020-7207|| Improper Privilege Management vulnerability in HP products |
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE).
| 7.2 |
|2020-10-26||CVE-2020-7197|| Improper Authentication vulnerability in HP Storeserv Management Console |
SSMC18.104.22.168 is vulnerable to remote authentication bypass.
| 7.5 |
|2020-10-26||CVE-2020-7196|| Insufficiently Protected Credentials vulnerability in HP Bluedata Epic and Ezmeral Container Platform |
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval.
| 4.0 |
|2020-10-22||CVE-2020-11853||Arbitrary code execution vulnerability affecting multiple Micro Focus products.|| 6.5 |