Vulnerabilities > HPE > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-09 CVE-2023-30910 HTTP Request Smuggling vulnerability in HPE products
HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. 
network
low complexity
hpe CWE-444
5.4
2023-08-29 CVE-2023-39266 Cross-site Scripting vulnerability in HPE Arubaos-Switch
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present.
network
low complexity
hpe CWE-79
6.1
2023-08-29 CVE-2023-39267 Unspecified vulnerability in HPE Arubaos-Switch
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch.
network
low complexity
hpe
6.5
2023-06-16 CVE-2023-30904 Unspecified vulnerability in HPE Insight Remote Support 7.12/7.12.0.529
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
local
low complexity
hpe
5.5
2023-04-25 CVE-2023-28084 Insufficiently Protected Credentials vulnerability in multiple products
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
local
low complexity
hpe hp CWE-522
5.5
2023-04-14 CVE-2023-28085 Unspecified vulnerability in HPE Oneview Global Dashboard 2.31/2.32
An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials
local
low complexity
hpe
5.5
2023-03-22 CVE-2022-37940 Open Redirect vulnerability in HPE products
Potential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series.
network
low complexity
hpe CWE-601
6.1
2023-03-10 CVE-2022-37939 Unspecified vulnerability in HPE products
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers.
local
low complexity
hpe
5.5
2022-12-12 CVE-2022-37927 Open Redirect vulnerability in HPE Oneview Global Dashboard
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
network
low complexity
hpe CWE-601
6.1
2022-12-12 CVE-2022-37928 Insufficient Verification of Data Authenticity vulnerability in HPE products
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
network
low complexity
hpe CWE-345
6.5