Vulnerabilities > HP > Oneview

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-28089 Insufficiently Protected Credentials vulnerability in HP Oneview
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
local
low complexity
hp CWE-522
7.1
7.1
2023-04-25 CVE-2023-28090 Insufficiently Protected Credentials vulnerability in HP Oneview
An HPE OneView appliance dump may expose SNMPv3 read credentials
local
low complexity
hp CWE-522
5.5
5.5
2023-04-14 CVE-2023-28091 Unspecified vulnerability in HP Oneview
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
local
low complexity
hp
5.5
5.5
2022-08-31 CVE-2022-28625 Information Exposure Through Log Files vulnerability in HP Oneview
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01.
local
low complexity
hp CWE-532
5.5
5.5
2022-05-17 CVE-2022-28616 Server-Side Request Forgery (SSRF) vulnerability in HP Oneview
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp CWE-918
critical
 9.8
9.8
2022-05-17 CVE-2022-23706 Cross-site Scripting vulnerability in HP Oneview
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp CWE-79
6.1
6.1
2022-05-17 CVE-2022-28617 Unspecified vulnerability in HP Oneview
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0.
network
low complexity
hp
critical
 9.8
9.8
2022-04-04 CVE-2022-23697 Cross-site Scripting vulnerability in HP Oneview
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6.
network
low complexity
hp CWE-79
6.1
6.1
2022-04-04 CVE-2022-23698 Unspecified vulnerability in HP Oneview
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6.
network
low complexity
hp
7.5
7.5
2022-04-04 CVE-2022-23699 Unspecified vulnerability in HP Oneview
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6.
local
low complexity
hp
7.8
7.8