Vulnerabilities > HPE > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-08 | CVE-2022-28623 | SQL Injection vulnerability in HPE Icewall SSO Certd 10.0 Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. | 9.8 |
2022-06-24 | CVE-2022-28620 | Unspecified vulnerability in HPE products A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. | 9.8 |
2022-05-20 | CVE-2022-28618 | Command Injection vulnerability in HPE Nimbleos A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. | 9.8 |
2022-01-18 | CVE-2021-29215 | Unspecified vulnerability in HPE TEZ A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. | 9.8 |
2021-10-11 | CVE-2021-26588 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. | 9.8 |
2020-09-23 | CVE-2020-24626 | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 9.8 |
2020-04-30 | CVE-2020-7136 | Unspecified vulnerability in HPE Smart Update Manager A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. | 9.8 |
2020-04-17 | CVE-2019-12002 | Unspecified vulnerability in HPE products A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | 9.8 |
2019-11-07 | CVE-2019-11996 | Unspecified vulnerability in HPE Nimbleos Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. | 9.8 |
2019-06-05 | CVE-2019-11988 | Unspecified vulnerability in HPE Smart Update Manager A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager (SUM) earlier than version 8.3.5. | 9.8 |