Lucene search

[email protected]CVE-2022-37928

HistoryDec 12, 2022 - 1:15 p.m.

CVE-2022-37928

2022-12-1213:15:00

CWE-345

[email protected]

web.nvd.nist.gov

cve-2022-37928

insufficient verification

data authenticity

vulnerability

hpe

nimble storage

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

6.5 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

22.4%

JSON

Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.

CPENameOperatorVersion
hpe:sf100_firmwarehpe sf100 firmwarelt5.2.1.900
hpe:sf100_firmwarehpe sf100 firmwareeq5.3.0.0
hpe:sf300_firmwarehpe sf300 firmwarelt5.2.1.900
hpe:sf300_firmwarehpe sf300 firmwareeq5.3.0.0
hpe:hf60c_firmwarehpe hf60c firmwarelt5.2.1.900
hpe:hf60c_firmwarehpe hf60c firmwareeq5.3.0.0
hpe:hf40c_firmwarehpe hf40c firmwarelt5.2.1.900
hpe:hf40c_firmwarehpe hf40c firmwareeq5.3.0.0
hpe:hf20_firmwarehpe hf20 firmwarelt5.2.1.900
hpe:hf20_firmwarehpe hf20 firmwareeq5.3.0.0

CPE	Name	Operator	Version
hpe:sf100_firmware	hpe sf100 firmware	lt	5.2.1.900
hpe:sf100_firmware	hpe sf100 firmware	eq	5.3.0.0
hpe:sf300_firmware	hpe sf300 firmware	lt	5.2.1.900
hpe:sf300_firmware	hpe sf300 firmware	eq	5.3.0.0
hpe:hf60c_firmware	hpe hf60c firmware	lt	5.2.1.900
hpe:hf60c_firmware	hpe hf60c firmware	eq	5.3.0.0
hpe:hf40c_firmware	hpe hf40c firmware	lt	5.2.1.900
hpe:hf40c_firmware	hpe hf40c firmware	eq	5.3.0.0
hpe:hf20_firmware	hpe hf20 firmware	lt	5.2.1.900
hpe:hf20_firmware	hpe hf20 firmware	eq	5.3.0.0

Rows per page:

1-10 of 181

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04359en_us

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

6.5 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

22.4%

JSON

Related for CVE-2022-37928

prion1 cvelist1