Oneview Security Vulnerabilities

CVE-2023-6573

HPE OneView may have a missing passphrase during...

CVE-2023-50275

HPE OneView may allow clusterService Authentication Bypass resulting in denial of...

CVE-2023-50274

HPE OneView may allow command injection with local privilege...

CVE-2023-30912

A remote code execution issue exists in HPE...

CVE-2023-30909

A remote authentication bypass issue exists in some OneView...

CVE-2023-30908

A remote authentication bypass issue exists in a OneView...

CVE-2023-28084

HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication...

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect...

CVE-2023-28087

An HPE OneView appliance dump may expose OneView user...

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read...

CVE-2023-28088

An HPE OneView appliance dump may expose SAN switch administrative...

CVE-2023-28086

An HPE OneView appliance dump may expose proxy credential...

CVE-2023-28085

An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account...

CVE-2023-28091

HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support...

CVE-2022-37935

HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and...

CVE-2022-37927

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard...

CVE-2022-28625

A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and...

CVE-2022-28616

A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-28617

A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-23706

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-23698

A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-23697

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-23700

A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2022-23699

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE...

CVE-2020-7198

There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or...

CVE-2014-2602

Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown...