Vulnerabilities > HP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-28084 | Insufficiently Protected Credentials vulnerability in multiple products HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | 5.5 |
| 2023-04-25 | CVE-2023-28086 | Unspecified vulnerability in HP Oneview An HPE OneView appliance dump may expose proxy credential settings | 5.5 |
| 2023-04-25 | CVE-2023-28087 | Unspecified vulnerability in HP Oneview An HPE OneView appliance dump may expose OneView user accounts | 5.5 |
| 2023-04-25 | CVE-2023-28090 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SNMPv3 read credentials | 5.5 |
| 2023-04-14 | CVE-2023-28091 | Unspecified vulnerability in HP Oneview HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | 5.5 |
| 2023-03-22 | CVE-2023-28083 | Cross-site Scripting vulnerability in HP products A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). | 5.4 |
| 2023-03-01 | CVE-2022-37935 | Unspecified vulnerability in HP Oneview for VMWare Vcenter HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | 5.5 |
| 2022-12-12 | CVE-2021-46846 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 5 Firmware 1.30/1.37/1.40 Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5. | 6.1 |
| 2022-05-17 | CVE-2022-23706 | Cross-site Scripting vulnerability in HP Oneview A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 4.3 |
| 2022-05-09 | CVE-2022-23704 | Unspecified vulnerability in HP Integrated Lights-Out 4 2.78 A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). | 5.0 |