Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2021-01-05 CVE-2020-7202 Information Exposure vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.
network
low complexity
hp CWE-200
5.0
2020-12-18 CVE-2020-7203 Unspecified vulnerability in HP ILO Amplifier Pack 1.70
A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70.
network
low complexity
hp
7.5
2020-12-18 CVE-2020-7201 Cross-Site Request Forgery (CSRF) vulnerability in HP products
A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders.
network
hp CWE-352
6.8
2020-12-18 CVE-2020-7200 Unspecified vulnerability in HP Systems Insight Manager 7.6
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6.
network
low complexity
hp
7.5
2020-12-02 CVE-2020-7199 Improper Authentication vulnerability in HP Edgeline Infrastructure Manager
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software.
network
low complexity
hp CWE-287
critical
10.0
2020-11-06 CVE-2020-7198 Improper Privilege Management vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer.
network
low complexity
hp CWE-269
6.5
2020-11-05 CVE-2020-7207 Improper Privilege Management vulnerability in HP products
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE).
local
low complexity
hp CWE-269
7.2
2020-10-26 CVE-2020-7197 Improper Authentication vulnerability in HP Storeserv Management Console
SSMC3.7.0.0 is vulnerable to remote authentication bypass.
network
low complexity
hp CWE-287
7.5
2020-10-26 CVE-2020-7196 Insufficiently Protected Credentials vulnerability in HP Bluedata Epic and Ezmeral Container Platform
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval.
network
low complexity
hp CWE-522
4.0
2020-10-22 CVE-2020-11853 Arbitrary code execution vulnerability affecting multiple Micro Focus products.
network
low complexity
microfocus hp
6.5