Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2020-24626 | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 9.8 |
| 2020-09-23 | CVE-2020-24625 | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 7.5 |
| 2020-09-23 | CVE-2020-24624 | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 7.5 |
| 2020-09-18 | CVE-2020-24623 | SQL Injection vulnerability in HPE Universal API Framework A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework. | 6.5 |
| 2020-07-30 | CVE-2020-7205 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. | 6.7 |
| 2020-05-19 | CVE-2020-7139 | Unspecified vulnerability in HPE Nimbleos Potential remote access security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to access and modify sensitive information on the system. | 8.1 |
| 2020-05-19 | CVE-2020-7138 | Unspecified vulnerability in HPE Nimbleos Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. | 8.8 |
| 2020-05-19 | CVE-2020-7137 | Improper Input Validation vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206 A validation issue in HPE Superdome Flex's RMC component may allow local elevation of privilege. | 6.7 |
| 2020-04-30 | CVE-2020-7136 | Unspecified vulnerability in HPE Smart Update Manager A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. | 9.8 |
| 2020-04-17 | CVE-2019-12002 | Unspecified vulnerability in HPE products A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | 9.8 |