Vulnerabilities > HPE
|2021-06-25||CVE-2021-33895|| Incorrect Authorization vulnerability in multiple products |
ETINET BACKBOX E4.09 and H4.09 mismanages password access control.
| 6.8 |
|2021-06-24||CVE-2021-26585|| Exposure of Resource TO Wrong Sphere vulnerability in HPE Oneview Global Dashboard 2.31 |
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information.
| 2.1 |
|2021-04-01||CVE-2021-26581|| Unspecified vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206/3.25.46 |
A potential security vulnerability has been identified in HPE Superdome Flex server.
| 4.0 |
|2021-04-01||CVE-2021-26580|| Cross-Site Scripting vulnerability in HPE Integrated Lights-Out Amplifier |
A potential security vulnerability has been identified in HPE iLO Amplifier Pack.
| 4.3 |
|2021-03-30||CVE-2021-26579|| Cleartext Storage of Sensitive Information vulnerability in HPE Unified Data Management 1.2009.0/1.2101.0 |
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product).
| 2.1 |
|2021-03-22||CVE-2021-26578|| SQL Injection vulnerability in HPE Network Orchestrator |
A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5.
| 5.0 |
|2021-02-09||CVE-2021-3191|| Unspecified vulnerability in HPE web Viewpoint |
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows Remote Unauthorized Access for T0320L01^ABY and T0320L01^ACD, T0952L01^AAR through T0952L01^AAX, and T0986L01^AAD through T0986L01^AAJ (L) and T0320H01^ABW through T0320H01^ACC, T0952H01^AAQ through T0952H01^AAW, and T0986H01^AAC through T0986H01^AAI (J and H).
| 9.0 |
|2021-02-09||CVE-2021-22267|| Authentication Bypass BY Capture-Replay vulnerability in HPE web Viewpoint |
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H).
| 4.3 |
|2021-02-09||CVE-2021-25141||A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware.|| 4.9 |
|2021-02-08||CVE-2021-26576|| Command Injection vulnerability in HPE Baseboard Management Controller |
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 22.214.171.124 has a command injection vulnerability in libifc.so uploadsshkey function.
| 7.2 |