Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-28622 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in HPE Storeonce 3640 Firmware 4.2.3/4.3.0 A potential security vulnerability has been identified in HPE StoreOnce Software. | 7.5 |
| 2022-06-24 | CVE-2022-28619 | Unspecified vulnerability in HPE Control Repository Manager A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. | 7.8 |
| 2022-06-24 | CVE-2022-28620 | Unspecified vulnerability in HPE products A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. | 9.8 |
| 2022-05-20 | CVE-2022-28618 | Command Injection vulnerability in HPE Nimbleos A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. | 9.8 |
| 2022-05-09 | CVE-2022-23705 | Unspecified vulnerability in HPE Nimbleos A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. | 7.5 |
| 2022-04-12 | CVE-2021-41004 | Unspecified vulnerability in HPE products A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0. | 7.5 |
| 2022-04-12 | CVE-2021-41005 | Unspecified vulnerability in HPE products A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0. | 6.5 |
| 2022-04-12 | CVE-2022-23702 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. | 6.7 |
| 2022-04-12 | CVE-2022-23703 | Unspecified vulnerability in HPE Nimbleos A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. | 7.5 |
| 2022-03-02 | CVE-2021-41000 | Command Injection vulnerability in HPE Arubaos-Cx Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.06.xxxx: 10.06.0170 and below, AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below. | 8.8 |