Vulnerabilities > HP > Oneview > 6.6

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-28089 Insufficiently Protected Credentials vulnerability in HP Oneview
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
local
low complexity
hp CWE-522
7.1
7.1
2023-04-25 CVE-2023-28090 Insufficiently Protected Credentials vulnerability in HP Oneview
An HPE OneView appliance dump may expose SNMPv3 read credentials
local
low complexity
hp CWE-522
5.5
5.5
2022-08-31 CVE-2022-28625 Information Exposure Through Log Files vulnerability in HP Oneview
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01.
local
low complexity
hp CWE-532
5.5
5.5
2022-05-17 CVE-2022-28616 Server-Side Request Forgery (SSRF) vulnerability in HP Oneview
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp CWE-918
critical
 9.8
9.8
2022-05-17 CVE-2022-23706 Cross-site Scripting vulnerability in HP Oneview
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp CWE-79
6.1
6.1
2022-05-17 CVE-2022-28617 Unspecified vulnerability in HP Oneview
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp
critical
 9.8
9.8