Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-29 | CVE-2023-39266 | Cross-site Scripting vulnerability in HPE Arubaos-Switch A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. | 6.1 |
| 2023-08-29 | CVE-2023-39267 | Unspecified vulnerability in HPE Arubaos-Switch An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. | 6.5 |
| 2023-08-29 | CVE-2023-39268 | Out-of-bounds Write vulnerability in HPE Arubaos-Switch A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. | 9.8 |
| 2023-08-01 | CVE-2023-3718 | Command Injection vulnerability in HPE Arubaos-Cx 10.10.0000/10.10.1020/10.10.1030 An authenticated command injection vulnerability exists in the AOS-CX command line interface. | 8.8 |
| 2023-07-18 | CVE-2023-30906 | Unspecified vulnerability in HPE Intelligent Provisioning 1.72/2.81 The vulnerability could be locally exploited to allow escalation of privilege. | 7.8 |
| 2023-06-16 | CVE-2023-30904 | Unspecified vulnerability in HPE Insight Remote Support 7.12/7.12.0.529 A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information. | 5.5 |
| 2023-06-16 | CVE-2023-30905 | Unspecified vulnerability in HPE products The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege. | 7.8 |
| 2023-04-25 | CVE-2023-28084 | Insufficiently Protected Credentials vulnerability in multiple products HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | 5.5 |
| 2023-04-14 | CVE-2023-28085 | Unspecified vulnerability in HPE Oneview Global Dashboard 2.31/2.32 An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials | 5.5 |
| 2023-03-22 | CVE-2022-37940 | Open Redirect vulnerability in HPE products Potential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series. | 6.1 |