Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-37932
HistoryDec 12, 2022 - 1:15 p.m.

CVE-2022-37932

2022-12-1213:15:14
[email protected]
web.nvd.nist.gov
29
cve-2022-37932
vulnerability
hewlett packard enterprise
officeconnect
1820
1850
1920s
network switches
authentication bypass
software updates
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.8%

JSON

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

Affected configurations

NVD
Node
hpeofficeconnect_1820_j9979a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9979aMatch-
Node
hpeofficeconnect_1820_j9982a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9982aMatch-
Node
hpeofficeconnect_1820_j9980a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9980aMatch-
Node
hpeofficeconnect_1820_j9983a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9983aMatch-
Node
hpeofficeconnect_1820_j9981a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9981aMatch-
Node
hpeofficeconnect_1820_j9984a_firmwareRange<pt.02.14
AND
hpeofficeconnect_1820_j9984aMatch-
Node
hpeofficeconnect_1850_24g_2xgt_poe\+_firmwareRange<pc.01.22
AND
hpeofficeconnect_1850_24g_2xgt_poe\+Match-
Node
hpeofficeconnect_1850_24g_2xgt_firmwareRange<pc.01.22
AND
hpeofficeconnect_1850_24g_2xgtMatch-
Node
hpeofficeconnect_1850_48g_4xgt_poe\+_firmwareRange<pc.01.22
AND
hpeofficeconnect_1850_48g_4xgt_poe\+Match-
Node
hpeofficeconnect_1850_48g_4xgt_firmwareRange<pc.01.22
AND
hpeofficeconnect_1850_48g_4xgtMatch-
Node
hpeofficeconnect_1850_6xgt_firmwareRange<po.01.21
AND
hpeofficeconnect_1850_6xgtMatch-
Node
hpeofficeconnect_1850_2xgt\/spf\+_firmwareRange<po.01.21
AND
hpeofficeconnect_1850_2xgt\/spf\+Match-
Node
hpeofficeconnect_1920s_24g_2sfp_poe\+_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_24g_2sfp_poe\+Match-
Node
hpeofficeconnect_1920s_24g_2sfp_ppoe\+_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_24g_2sfp_ppoe\+Match-
Node
hpeofficeconnect_1920s_24g_2sfp_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_24g_2sfpMatch-
Node
hpeofficeconnect_1920s_48g_4sfp_ppoe\+_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_48g_4sfp_ppoe\+Match-
Node
hpeofficeconnect_1920s_48g_4sfp_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_48g_4sfpMatch-
Node
hpeofficeconnect_1920s_8g_ppoe\+_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_8g_ppoe\+Match-
Node
hpeofficeconnect_1920s_8g_firmwareRange<pd.02.22
AND
hpeofficeconnect_1920s_8gMatch-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;"
      }
    ]
  }
]

Related

nvd 1
cvelist 1
zdi 1
prion 1
nvd
nvd
CVE-2022-37932
2022-12-12 13:15:14
cvelist
cvelist
CVE-2022-37932
2022-11-30 15:23:14
zdi
zdi
Hewlett Packard Enterprise OfficeConnect 1820 Authentication Bypass Vulnerability
2022-11-21 00:00:00
prion
prion
Authentication flaw
2022-12-12 13:15:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.8%

JSON
Related for CVE-2022-37932
nvd1cvelist1zdi1prion1