Vulnerabilities > HPE

DATE CVE VULNERABILITY TITLE RISK
2021-10-11 CVE-2021-26588 Unspecified vulnerability in HPE products
A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware.
network
low complexity
hpe
critical
10.0
2021-09-27 CVE-2021-26587 Cross-site Scripting vulnerability in HPE products
A potential DOM-based Cross Site Scripting security vulnerability has been identified in HPE StoreOnce.
network
hpe CWE-79
6.0
2021-06-25 CVE-2021-33895 Incorrect Authorization vulnerability in multiple products
ETINET BACKBOX E4.09 and H4.09 mismanages password access control.
network
hpe etinet CWE-863
6.8
2021-06-24 CVE-2021-26585 Exposure of Resource to Wrong Sphere vulnerability in HPE Oneview Global Dashboard 2.31
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information.
local
low complexity
hpe CWE-668
2.1
2021-04-01 CVE-2021-26581 Unspecified vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206/3.25.46
A potential security vulnerability has been identified in HPE Superdome Flex server.
network
low complexity
hpe
4.0
2021-04-01 CVE-2021-26580 Cross-site Scripting vulnerability in HPE Integrated Lights-Out Amplifier 1.80
A potential security vulnerability has been identified in HPE iLO Amplifier Pack.
network
hpe CWE-79
4.3
2021-03-30 CVE-2021-26579 Cleartext Storage of Sensitive Information vulnerability in HPE Unified Data Management 1.2009.0/1.2101.0
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product).
local
low complexity
hpe CWE-312
2.1
2021-03-22 CVE-2021-26578 SQL Injection vulnerability in HPE Network Orchestrator
A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5.
network
low complexity
hpe CWE-89
5.0
2021-02-09 CVE-2021-3191 Unspecified vulnerability in HPE web Viewpoint
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows Remote Unauthorized Access for T0320L01^ABY and T0320L01^ACD, T0952L01^AAR through T0952L01^AAX, and T0986L01^AAD through T0986L01^AAJ (L) and T0320H01^ABW through T0320H01^ACC, T0952H01^AAQ through T0952H01^AAW, and T0986H01^AAC through T0986H01^AAI (J and H).
network
low complexity
hpe
critical
9.0
2021-02-09 CVE-2021-22267 Authentication Bypass by Capture-replay vulnerability in HPE web Viewpoint
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H).
network
hpe CWE-294
4.3