Vulnerabilities > HP > Oneview > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-23 | CVE-2023-50274 | Command Injection vulnerability in HP Oneview HPE OneView may allow command injection with local privilege escalation. | 7.8 |
| 2024-01-23 | CVE-2023-50275 | Improper Authentication vulnerability in HP Oneview HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | 7.5 |
| 2023-04-25 | CVE-2023-28088 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SAN switch administrative credentials | 7.8 |
| 2023-04-25 | CVE-2023-28089 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | 7.1 |
| 2022-04-04 | CVE-2022-23698 | Unspecified vulnerability in HP Oneview A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 7.5 |
| 2022-04-04 | CVE-2022-23699 | Unspecified vulnerability in HP Oneview A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 7.8 |
| 2020-11-06 | CVE-2020-7198 | Unspecified vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2 There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. | 8.8 |