Vulnerabilities > HPE > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-09 | CVE-2023-30910 | HTTP Request Smuggling vulnerability in HPE products HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. | 5.4 |
| 2023-08-29 | CVE-2023-39266 | Cross-site Scripting vulnerability in HPE Arubaos-Switch A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. | 6.1 |
| 2023-08-29 | CVE-2023-39267 | Unspecified vulnerability in HPE Arubaos-Switch An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. | 6.5 |
| 2023-06-16 | CVE-2023-30904 | Unspecified vulnerability in HPE Insight Remote Support A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information. | 5.5 |
| 2023-04-25 | CVE-2023-28084 | Insufficiently Protected Credentials vulnerability in multiple products HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | 5.5 |
| 2023-04-14 | CVE-2023-28085 | Unspecified vulnerability in HPE Oneview Global Dashboard 2.31/2.32 An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials | 5.5 |
| 2023-03-22 | CVE-2022-37940 | Open Redirect vulnerability in HPE products Potential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series. | 6.1 |
| 2023-03-10 | CVE-2022-37939 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. | 5.5 |
| 2022-12-12 | CVE-2022-37927 | Open Redirect vulnerability in HPE Oneview Global Dashboard URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD). | 6.1 |
| 2022-12-12 | CVE-2022-37928 | Insufficient Verification of Data Authenticity vulnerability in HPE products Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays. | 6.5 |