Hewlett Packard Enterprise Superdome Flex Server 信息泄露漏洞

Hewlett Packard Enterprise Superdome Flex Server is a modular server product from Hewlett Packard Enterprise USA. An information disclosure vulnerability exists in HPE Superdome Flex Servers prior to v3.65.8 and Superdome Flex 280 Servers prior to v1.45.8, which can be exploited by an attacker to...

PT-2022-16212 · Hewlett Packard · Hpe Superdome Flex 280 Server +1

Name of the Vulnerable Software and Affected Versions: HPE Superdome Flex Server versions prior to 3.50.58 HPE Superdome Flex 280 Server versions prior to 1.20.204 Description: A potential security issue has been identified that could allow a user with Administrator access to escalate their...

CVE-2021-26589

A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting XSS because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE...

Cross site scripting

A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting XSS because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE...

CVE-2021-26589

This CVE concerns HPE Superdome Flex Servers where a Cross Site Scripting (XSS) vulnerability arises because the Session Cookie lacks the HttpOnly attribute. Public sources (NVD entry) describe remote exploitation potential and provide a firmware update from HPE as the remediation. The NVD CVSS v...