1147 matches found
HPESBST04053 rev.1 - HPE StoreEasy Storage for Windows, Multiple vulnerabilities including Remote Code Execution, Elevation of Privilege and NTLM Tampering.
Potential Security Impact: Remote: Code Execution, Elevated Privileges SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreEasy 1000 Storage All HPE StoreEasy 1000 Storage Gen10 All HPE StoreEasy 1000 Storage Gen9 All HPE StoreEasy 1450 Storage All HPE StoreEasy 1460 Storage...
HPESBHF04061 rev.1 - HPE Ethernet Adapters with Intel 700 Series Based Controllers, Local Escalation of Privileges and/or Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy 4610C 10/25Gb Ethernet Adapter - Prior to v8.1 HPE Ethernet 10Gb 2-port FLR-SFP+ X710-DA2 Adapter - Prior to v7.3 HPE Ethernet 10Gb 2-port...
HPESBHF04059 rev.1 - HPE Servers with Intel Processors with the Intel Running Average Power Limit (RAPL) Interface, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m750 Server Blade Prior to system ROM v1.40 HPE ProLiant MicroServer Gen10 Plus Prior to system ROM v2.20 HPE ProLiant DL20 Gen10 Server Prior to system ROM v2....
HPESBHF04054 rev.1 - HPE Servers with Intel Processors running Server Platform Services (SPS) firmware
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL120 Gen10 Server Prior to SPS Firmware 04.01.04.423.0 HPE ProLiant DL160 Gen10 Server Prior to SPS Firmware 04.01.04.423.0 HPE ProLiant DL180 Gen10 Server Prior...
HPESBHF04057 rev.3 - HPE Servers with Certain Intel Processors, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL120 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL160 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL180 Gen10 Server Prior to System ROM v2.40...
HPESBHF04056 rev.2 - HPE Servers with Intel Processors, Local escalation of Privilege, Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL120 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL160 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL180 Gen10 Server Prio...
HPESBHF04047 rev.2 - HPE OneView and Synergy Composer, Remote Escalation of Privilege
Potential Security Impact: Remote: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy Composer 5.0, 5.00.01, 5.00.02, 5.2, 5.20.01, 5.3, 5.4 - Earlier versions are also impacted. But, they are not supported. HPE Synergy Composer 2 5.0, 5.00.01,...
HPESBNW04051 rev.2 - Aruba AirWave Glass, Multiple Vulnerabilities
Potential Security Impact: Remote: Escalation of Privilege, Execution of Arbitrary Commands, Unauthenticated Arbitrary Code Execution, Unauthorized Access, Server-Side Request Forgery SSRF SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Airwave Software - Prior to 1.3.2 CVSS...
HPESBGN04049 rev.1 - HPE BlueData EPIC Software Platform and HPE Ezmeral Container Platform, Remote Disclosure of Privileged Information
Potential Security Impact: Remote: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. BlueData EPIC Software 4.0 and earlier HPE Ezmeral Container Platform 5.0 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7196 |...
HPESBHF04021 rev.3 - HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) for Moonshot and Edgeline Cartridges and Blades, and Moonshot iLO Chassis Manager, Ripple20 Multiple Vulnerabilities
Potential Security Impact: Remote: Code Execution, Denial of Service DoS, Disclosure of Sensitive Information, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m750 Server Blade -Prior to iLO 5 v2.30 for Moonshot/Edgeline HPE ProLiant m510 Serv...
HPESBST04034 rev.1 - HPE 3PAR Service Processor, Using Exim Mail Transfer Agent (MTA), Remote Command Execution.
Potential Security Impact: Remote: Arbitrary Command Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR Service Processor 5.0.6 and below CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-10149 |...
HPESBNW04041 rev.3 - Aruba Products, TCP SACK PANIC - Kernel Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Airwave Software 8.2.9.1 and below Aruba ClearPass Policy Manager 6.7.12, 6.8.3 and below Aruba CX 6200F Switch Series 10.2 and below Aruba 6300 Switch Series 10.2 and bel...
HPESBGN04037 rev.1 - HPE Utility Computing Service (UCS) Meter, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Directory Traversal, Unauthenticated Arbitrary Code Execution, Unauthenticated Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Pay per use PPU 1.9 - HPE UCS Meter CVSS Scores: | CVE | CVSS Vector | Base Score | | ---...
HPESBHF04039 rev.3 - HPE Synergy Composer 2, Ripple20 Multiple Vulnerabilities
Potential Security Impact: Remote: Code Execution, Denial of Service DoS, Disclosure of Information, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy Composer 2 - Prior to Composer software release 5.40.00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBGN04024 rev.2 - Hewlett Packard Enterprise Universal API Framework for VMware ESXi (OVA) and Microsoft Hyper-V (VHD), Remote SQL Injection Information Disclosure Vulnerability
Potential Security Impact: Remote: SQL Injection SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Universal API Framework for VMware ESXi OVA - Prior to v2.5.2 HPE Universal API Framework for Microsoft Hyper-V VHD - Prior to v2.5.2 CVSS Scores: | CVE | CVSS Vector | Base Score ...
HPESBNW04033 rev.3 - Aruba Analytics and Location Engine (ALE), Authenticated Arbitrary File Modification
Potential Security Impact: Remote: Arbitrary File Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Analytics and Location Services Usage Licenses 2.1.0.2 and earlier CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7119 |...
HPESBUX04029 rev.1 - HP-UX Common Internet File System (CIFS), Multiple Vulnerabilities
Potential Security Impact: Local: Unauthorized Access, Unauthorized Access to Files; Remote: Unauthorized Access to Data SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX Common Internet File System CIFS, Client/Server Software B.04.09.00.00 and earlier CVSS Scores: | CVE | CV...
HPESBUX04025 rev.1 - HP-UX Secure Shell Daemon, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Access Restriction Bypass, Arbitrary Command Execution, Arbitrary File Modification, Authentication Bypass, Authorized User SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX 11i Secure Shell Software A.07.40.003 and earlier are impacted CVSS...
HPESBNW04014 rev.2 - HPE Aruba Networking Local Unauthorized Disclosure of Information (Aka "Kr00k" Vulnerability)
Potential Security Impact: Local: Unauthorized Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Instant IAP-204 IL 802.11n/ac Dual 2x2:2 Radio Antenna Connectors AP All versions. Aruba Instant IAP-204 JP 802.11n/ac Dual 2x2:2 Radio Antenna Connectors...
HPESBNW04017 rev.2 - HPE Aruba AirWave, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Airwave Software 8.x prior to 8.2.10.1 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-5323 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 7.2 |...
HPESBNW04016 rev.2 - HPE Aruba Clearpass Manager, Multiple Remote Vulnerabilities
Potential Security Impact: Local: Cross-Site Scripting XSS; Remote: Authentication Bypass, Code Execution, Unauthorized Information Disclosure SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba ClearPass Policy Manager 6.8.x prior to 6.8.4 and 6.7.x prior to 6.7.13 CVSS Scores:...
HPESBHF04008 rev.1 - HPE Systems Insight Manager (SIM), Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Systems Insight Manager for HP-UX v7.4, v7.5, v7.6 with Hotfix 63 or lower HPE Systems Insight Manager for Linux v7.4, v7.5, v7.6 with Hotfix 63 or lower HPE Systems Insight Manag...
HPESBHF04009 rev.1 - Certain HPE Solid State Drives, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 6.4TB NVMe x4 Lanes Mixed Use MO006400KWVVA SSD - Prior to HPK1 HPE 3.2TB NVMe x4 Lanes Mixed Use MO003200KWVUV SSD - Prior to HPK1 HPE 1.6TB NVMe x4 Lanes Mixed Use...
HPESBHF03999 rev.2 – Certain HPE Servers Using Intel Processors with Server Platform Services (SPS), Local Escalation of Privilege and Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant MicroServer Gen10 Plus - Prior to SPS 05.01.04.1138 Jun 2020 - CVE-2020-0545 and CVE-2020-0586 HPE ProLiant DL20 Gen10 Server - Prior to SP...
HPESBHF04001 rev.1 - Certain HPE Servers Using Intel Processors, Special Register Buffer Data Sampling Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant MicroServer Gen10 Plus - Prior to v2.1605-25-20208 Jun 2020 HPE ProLiant m710x Server Blade - Prior to v1.84 3/10/2020 HPE ProLiant m750 Server Blade - Prior to...
HPESBHF04005 rev.1 - HPE Edgeline EL300 Converged Edge System Running HPE Integrated System Manager (iSM), Remote Denial of Service
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Edgeline EL300 Converged Edge System - Running HPE Edgeline Integrated System Manager Prior to 2.06 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | |...
HPESBST03991 rev.1 - HPE Nimble Storage, Remote Access to Sensitive Information
Potential Security Impact: Remote: Unauthorized Access to Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Nimble Storage Hybrid Flash Arrays 3.9.2.0 and older, 4.5.5.0 and older, 5.0.8.0 and older, 5.1.4.0 and older Nimble Storage All Flash Arrays 3.9.2.0...
HPESBHF04004 rev.1 - HPE Superdome Flex Server Remote Management Controller (RMC), Local Elevation of Privilege
Potential Security Impact: Local: Elevation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Superdome Flex Server Prior to 3.25.46 12 May 2020 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7137 |...
HPESBHF03966 rev.1 - HPE Servers with certain Intel Core and Xeon Processors System Memory Management (SMM), Local Disclosure of Privileged Information
Potential Security Impact: Local: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m710x Server Blade - Prior to v1.8011-14-2019 HPE ProLiant m710x-L Server Blade - Prior to v1.8011-14-2019 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBHF03934 rev.1 - HPE CloudLIne servers using AMI BMC Remote Unauthorized Disclosure of Information, Unauthorized Modification and Denial of Service
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Information, Unauthorized Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cloudline CL2100 Gen10 Server - Prior to Baseboard Management Controller BMC 1.16.0.030 Apr 2019 - No BIOS update is...
HPESBHF03970 rev.2 - HPE Products with Intel Ethernet 700 Series Processors, Local Escalation of Privilege, Local Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Ethernet 10Gb 2-port 562FLR-SFP+ Adapter - Prior to SPP 2019.12.0 - See Resolution for OS-specific HPE Intel Online Firmware Utility versions for...
HPESBHF03947 rev.1 - HPE UIoT, Remote Unauthorized Access and Access to Sensitive Data
Potential Security Impact: Remote: Unauthorized Access to Sensitive Information, Unauthorized Data Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE IOT + GCP 1.4.0, 1.4.1, 1.4.2, 1.2.4.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7133 ...
HPESBHF03945 rev.1 - HPE Servers using Supplemental Update / Online ROM Flash Component for Linux, Local Execution of Arbitrary Code.
Potential Security Impact: Local: Execution of Arbitrary Code With Privilege Elevation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Service Pack for ProLiant 2018.06.0, 2018.09.0, 2018.11.0 - Only applies to Linux firmware installer HPE SATA Read Intensive Solid State Drive...
HPESBNS03996 rev.2 - HPE NonStop Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Information, local memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Integrated Maintenance Entity T1805 - T1805A01 through T1805A01^AAH Maintenance Entity T2805 - T2805A01 through T2805A01^AAU...
HPESBHF03988 rev.1 - HPE Onboard Administrator, Remote Reflected Cross Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Onboard Administrator v4.85 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7132 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L | 6.5 |...
HPESBHF03986 rev.1 - HPE Superdome X servers with iLO4, Remote Code Execution and Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass, Code Execution, Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Integrity Superdome X Server prior to 8.8.14 HPE Integrity Superdome X with BL920s Blades prior to 8.8.14 HPE Integrity Superdome...
HPESBHF03994 rev.1 - HPE Superdome Flex with iLO4, Remote or Local Code Execution
Potential Security Impact: Local: Code Execution; Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.16 HPE Integrity Superdome X Server prior to 8.8.16 HPE Integrity Superdome X with BL920s Blades prior to 8.8.16 HPE...
HPESBHF03995 rev.1 - HPE Superdome X servers with iLO4, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Arbitrary Code Execution, Code Execution, Denial of Service DoS, Disclosure of Sensitive Information, Elevation of Privilege, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.26 HPE...
HPESBHF03993 rev.1 - HPE Superdome X servers with iLO4, Remote Multiple Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Multiple Vulnerabilities, memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Superdome X Base Enclosure prior to 8.8.2 HPE Integrity Superdome X Server prior to 8.8.2 HPE Integrity Superdome X with BL920s...
HPESBST03940 rev.1 - HPE MSA 1040, HPE MSA 2040, HPE MSA 2042, HPE MSA 1050, HPE MSA 2050, and HPE MSA 2052 Multiple Remote Access Restriction Bypass
Potential Security Impact: Remote: Session Reuse SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE MSA 1040 SAN Storage GL225P001 and earlier HPE MSA 2040 SAN Storage GL225P001 and earlier HPE MSA 2042 SAN Storage GL225P001 and earlier HPE MSA 1050 SAN Storage VE270R001-01 and...
HPESBMU03979 rev.1 - HPE MSE Msg Gw application, multiple remote vulnerability
Potential Security Impact: Remote: Access Restriction Bypass, User Validation Failure SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE MSE Msg Gw application E-LTU prior to version 3.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-12000 |...
HPESBHF03987 rev.1 - HPE OneView Global Dashboard (OVGD), Remote Information Disclosure
Potential Security Impact: Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OneView Global Dashboard 1.9 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7130 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L | 8.3 |...
HPESBST03980 rev.1 - HPE StoreFabric C-series Switches with Cisco Prime Data Center Network Manager (DCNM), Remote Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreFabric Data Center Network Manager Software - Prior to DCNM 11.31 HPE StoreFabric SN8500C Director Switch - Prior to DCNM 11.31 HPE StoreFabric SN8000C Director Switch...
HPESBST03983 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.7.1-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.7.1-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBGN03984 rev.1 - HPE OpenCall Media Platform (OCMP), Multiple Vulnerabilities
Potential Security Impact: Remote: Arbitrary File Download, Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OC Media Platform OCMP OCMP 4.4.8 RP 805,OCMP 4.5.x - All prior versions upto OCMP 4.4.8 and OCMP 4.5.2 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBST03977 rev.1 - HPE Command View Advanced Edition (CVAE), Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE Earlier than 8.7.0-00 HPE XP7 Command View Advanced Edition Suite Earlier than 8.7.0-00 CVSS Scores: | CVE | CVSS Vector | Base...
HPESBNS03981 rev.1 - HPE ViewPoint on NonStop, Local Disclosure of Sensitive Information
Potential Security Impact: Local: Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Web ViewPoint Enterprise T0986 - L Series: T0320L01^ABP through T0320L01^ABZ; J and H Series: T0986H01 through T0986H01^AAE Web ViewPoint Plus T0952 - L Series:...
HPESBNS03976 rev.1 - HPE NonStop using Sudo
Potential Security Impact: Local: Bypass Security Restrictions SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. OSS Core Utilities T1202 T1202L02, T1202L02^AAN, T1202AAO, T1202L02^AAQ, T1202L02^AAR, T1202L01^AAJ, T1202J01, T1202J01^AAP, T1202H01^AAL CVSS Scores: | CVE | CVSS Vector...
HPESBGN03975 rev.1 - HPE enhanced Internet Usage Manager (eIUM), Remote Cross Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE enhanced Internet Usage Manager eIUM 8.3, 9.0 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11997 |...
HPESBHF03974 rev.1 - HPE Servers using certain Intel Processors, Local Denial of Service, Disclosure of Information, Escalation of Privilege
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL20 Gen10 Server - Prior to v2.10 HPE ProLiant ML30 Gen10 Server - Prior to v2.10 HPE ProLiant m710x Server Bla...