Lucene search

K
cveHpeCVE-2023-50275
HistoryJan 23, 2024 - 5:15 p.m.

CVE-2023-50275

2024-01-2317:15:10
CWE-287
hpe
web.nvd.nist.gov
14
hpe
oneview
cve-2023-50275
authentication bypass
dos
nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

30.2%

HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.

Affected configurations

Nvd
Node
hponeviewRange<8.70
VendorProductVersionCPE
hponeview*cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HPE OneView",
    "vendor": "Hewlett Packard Enterprise",
    "versions": [
      {
        "lessThan": "8.70",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

30.2%

Related for CVE-2023-50275