Lucene search

HpeCVELIST:CVE-2022-37939

HistoryMar 08, 2023 - 8:48 p.m.

CVE-2022-37939

2023-03-0820:48:26

hpe

www.cve.org

hpe

superdome flex

superdome flex 280

vulnerability

information disclosure

software update

2.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "unaffected",
        "version": "Prior to Superdome Flex 3.65.8; Prior to Superdome Flex 280 1.45.8"
      }
    ]
  }
]

References

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04453en_us

2.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2022-37939