Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-01 | CVE-2021-29213 | Unspecified vulnerability in HPE products A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. | 6.7 |
| 2021-10-19 | CVE-2021-26589 | Incorrect Permission Assignment for Critical Resource vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex Servers. | 6.1 |
| 2021-10-11 | CVE-2021-26588 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. | 9.8 |
| 2021-09-27 | CVE-2021-26587 | Cross-site Scripting vulnerability in HPE products A potential DOM-based Cross Site Scripting security vulnerability has been identified in HPE StoreOnce. | 6.5 |
| 2021-06-25 | CVE-2021-33895 | Improper Authentication vulnerability in multiple products ETINET BACKBOX E4.09 and H4.09 mismanages password access control. | 8.1 |
| 2021-06-24 | CVE-2021-26585 | Unspecified vulnerability in HPE Oneview Global Dashboard 2.31 A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. | 5.5 |
| 2021-04-01 | CVE-2021-26581 | Unspecified vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206/3.25.46 A potential security vulnerability has been identified in HPE Superdome Flex server. | 6.5 |
| 2021-04-01 | CVE-2021-26580 | Cross-site Scripting vulnerability in HPE Integrated Lights-Out Amplifier 1.80 A potential security vulnerability has been identified in HPE iLO Amplifier Pack. | 6.1 |
| 2021-03-30 | CVE-2021-26579 | Use of Hard-coded Credentials vulnerability in HPE Unified Data Management 1.2009.0/1.2101.0 A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). | 5.5 |
| 2021-03-22 | CVE-2021-26578 | SQL Injection vulnerability in HPE Network Orchestrator A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5. | 7.5 |