1147 matches found
HPESBGN04124 rev.4 - HPE Edgeline Infrastructure Manager, Remote Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Edgeline Infrastructure Management Software - Prior to version 1.23 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2021-29203 |...
HPESBHF04087 rev.1 - HPE Integrated Lights-Out 5 (iLO 5) for the Moonshot and Edgeline HPE ProLiant m750 Server Blade, Remote Disclosure of Information
Potential Security Impact: Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m750 Server Blade - Prior to iLO 5 v2.32 for Moonshot/Edgeline CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7202 |...
HPESBHF04105 rev.1 - HPE Synergy Compute Modules with Integrated Lights-Out 5 (iLO 5) or Integrated Lights-Out 4 (iLO 4), Remote Disclosure of Information
Potential Security Impact: Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers - Prior to v2.33 - Please see the RESOLUTION note HPE Integrated Lights-Out 4 iLO 4 - Prior to v2.77 - Please see th...
HPESBST04098 rev.1 - HPE B-Series SANnav Management Portal, Remote Denial of Service
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SANnav Management Software - Prior to version 2.1.0a CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-15379 |...
HPESBST04094 rev.1 - HPE SimpliVity OmniStack and OmniCube, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 2600 Gen10 - depends on ESXi version see interop guide HPE SimpliVity 380 Gen10 - depends on ESXi version see interop guide HPE SimpliVity 380 Gen10 G - depends on ESXi...
HPESBHF04096 rev.1 - HPE Synergy Composer2, Remote Memory Corruption
Potential Security Impact: Remote: memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy Composer2 - Prior to HPE Synergy Software Release: Composer 6.0 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-27337 |...
HPESBHF04079 rev.2 - HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) for Moonshot and Edgeline Cartridges and Blades, Remote Memory Corruption
Potential Security Impact: Remote: memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant m750 Server Blade - Prior to iLO 5 v2.32 for Moonshot/Edgeline HPE ProLiant m710x Server Blade - Prior to iLO 4 v2.61 for Moonshot/Edgeline HPE ProLiant m710x-L Server...
HPESBNW04078 rev.2 - Aruba AirWave Glass, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Authentication Bypass, Escalation of Privilege, Execution of Arbitrary Commands, Unauthenticated Arbitrary Code Execution, Unauthorized Access, Server-Side Request Forgery SSRF SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba Airwave Softwar...
HPESBGN04068 rev.3 - Hewlett Packard Enterprise Systems Insight Manager (SIM), AMF Deserialization of Untrusted Data, Remote Code Execution Vulnerability
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Systems Insight Manager SIM 7.6.x CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7200 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 9.8 |...
HPESBNW04072 rev.2 - HPE ArubaOS, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Arbitrary Code Execution, Arbitrary Command Execution, Compromise of System Integrity SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba 7000 Series Mobility Controllers 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and bel...
HPESBUX04050 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Access Restriction Bypass, Code Execution, Cross-Site Scripting XSS, Denial of Service DoS, Disclosure of Sensitive Information, URL Redirection, memory corruption SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX Web Server Suite Software -...
HPESBST04064 rev.1 - HPE B-series Fibre Channel SAN Switch Brocade Fabric OS (FOS), Remote Unauthorized Access
Potential Security Impact: Remote: Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE B-series SN3600B Fibre Channel Switch - Prior to v9.0.0a, and v8.1.0 to v8.2.2c HPE B-series SN4000B SAN Extension Switch - Prior to v9.0.0a, and v8.1.0 to v8.2.2c HPE B-seri...
HPESBHF04058 rev.3 - HPE Servers with Intel Processors, Local Escalation of Privilege
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL120 Gen10 Server Prior to System ROM v2.40 HPE ProLiant DL160 Gen10 Server Prior to System ROM v2.40 HPE...
HPESBST04045 rev.2 - HPE 3Par and Primera StoreServ Management Console (SSMC), Remote Authentication Bypass
Potential Security Impact: Remote: Authentication Bypass SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR StoreServ Management and Core Software Media All versions prior to 3.7.1.1 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7197 |...
HPESBUX04015 rev.2 - HP-UX Tomcat-based Servlet Engine, Multiple Remote Vulnerabilities
Potential Security Impact: Local: Access Restriction Bypass; Remote: Access Restriction Bypass, Code Execution, Denial of Service DoS, Gain Unauthorized Access, URL Redirection, Unauthorized Access to Data, Unauthorized Access to Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted...
HPESBNW04032 rev.2 - Aruba Intelligent Edge Switches Remote Unauthorized Access
Potential Security Impact: Remote: Gain Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba 2540 Switch Series 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 Aruba 2530 Switch Series 16.08. before 16.08.0009, 16.09. before...
HPESBHF04031 rev.3 - HPE Integrated Lights-Out 3 (iLO 3) for Integrity Servers, Ripple20 Multiple Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Sensitive Information, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP Integrity Superdome 2 Server -Prior to bundle 4.2.66 HPE Integrity rx2800 i2 Server -Prior to bundle 30.00 HPE...
HPESBHF04020 rev.2 - HPE insmod and GRUB2 vulnerability, Local Arbitrary Code Execution
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Intelligent Provisioning Gen10 and Gen10 Plus Servers - v3.30.226, v3.46, Gen9 - Prior to 2.82, Gen8 - Prior to 1.72 HPE Service Pack for ProLiant Prior to Version 2020.03.2...
HPESBNW04013 rev.2 - HPE Aruba ClearPass Policy Manager, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba ClearPass Policy Manager Versions prior to 6.9.1, 6.8.5-HF, 6.7.13-HF CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2020-7115 |...
HPESBNW04018 rev.2 - HPE Aruba Clearpass Manager, Information Disclosure in Web Management Interface for Aruba Intelligent Edge Switches
Potential Security Impact: Remote: Unauthorized Information Disclosure SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba 2540 Switch Series 16.08. before 16.08.0009 16.09. before 16.09.0007 16.10. before 16.10.0003 Aruba 2530 Switch Series 16.08. before 16.08.0009 16.09. befor...
HPESBHF04012 rev.7 - HPE ProLiant Servers, Apollo Products, and Converged Systems with Integrated Lights-Out 5 (iLO 5), Integrated Lights-Out 4 (iLO 4), or Integrated Lights-Out 3 (iLO 3), Ripple20 Multiple Vulnerabilities
Potential Security Impact: Remote: Code Execution, Denial of Service DoS, Disclosure of Sensitive Information, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers -Prior to v2.18 - Prior to...
HPESBHF04000 rev.1 - Certain HPE servers using Intel Processors, Local Escalation of Privilege and Denial of Service
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant MicroServer Gen10 - Prior to v2.1605-25-20208 Jun 2020 HPE ProLiant m710x Server Blade - Prior to v1.84 3/10/2020 HPE ProLiant m750 Server...
HPESBST03992 rev.1 - HPE Nimble Storage, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Nimble Storage Hybrid Flash Arrays 3.9.2.0 and older 4.5.5.0 and older 5.0.8.0 and older 5.1.4.0 and older Nimble Storage All Flash Arrays 3.9.2.0 and older 4.5.5.0 and older...
HPESBHF03985 rev.4 - Certain HPE Servers with Intel Xeon SP-based processors, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to ROM v2.30 HPE ProLiant BL460c Gen10 Server Blade - Prior to ROM v2.30 HPE ProLiant DL20 Gen9 Server - Prior to ROM v2.86 - Impacted b...
HPESBHF03978 rev.2 - HPE Superdome Flex Server, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Superdome Flex Server Prior to v3.20.186 - Fix available in 3.20.206 4 December 2019 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2019-11998...
HPESBHF03963 rev.1 - Certain HPE ProLiant Servers with Intel CSME, AMT, SPS, TXE,
Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Apollo 4200 Gen10 Server - Prior to SPS FW 4.01.04.339 HPE ProLiant BL460c Gen10 Server Blade - Prior to SPS FW 4.01.04.339 HPE ProLia...
HPESBST03964 rev.1 - HPE Nimble Storage, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Disclosure of Information, Elevation of Privilege, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Nimble Storage Hybrid Flash Arrays - 5.1.2.0 and older, 5.0.7.0 and older, 4.5.4.0 and older, 3.9.1.0 and older Nimble...
HPESBUX03950 rev.1 - HP-UX Web Server Suite running Apache on HP-UX 11iv3, Multiple Remote Vulnerabilities
Potential Security Impact: Local: Unauthorized Disclosure of Information, Unauthorized Modification; Remote: Bypass Security Restrictions, Denial of Service DoS, Unauthorized Disclosure of Information, Unauthorized Modification SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP-UX...
HPESBST03952 rev.1 - HPE Command View Advanced Edition (CVAE) Products using JAVA, Multiple Vulnerabilities
Potential Security Impact: Local: Multiple Vulnerabilities; Remote: Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP7 CVAE 8.6.3-00 or later HPE XP7 Command View Advanced Edition Suite 8.6.3-00 or later CVSS Scores: | CVE | CVSS Vector | Base Score | ...
HPESBST03942 rev.1 - 3PAR Service Processor 5.0.5, Multiple remote Vulnerabilities
Potential Security Impact: Remote: Authentication Bypass, Bypass Security Restrictions, Cross-Site Scripting XSS, Gain Unauthorized Access, Session Reuse, Arbitrary file upload SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR Service Processor prior to 5.0.5.1 CVSS Scores:...
HPESBHF03943 rev.1 - Certain HPE Servers using AMD EPYC 7001 series Processors, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL385 Gen10 Server All versions prior to v1.44 6/24/2019 HPE ProLiant DL325 Gen10 Server All versions prior to v1.44 6/24/2019 CVSS Scores: | CVE | CVSS Vector ...
HPESBHF03932 rev.2 - HPE Products using certain Intel UEFI Reference Code, Local Escalation of Privilege, Denial of Service Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL360 Gen10 Server Firmware prior to 2.04 04/18/2019 HPE ProLiant DL160 Gen10 Server Firmware prior to 2.04 04/18/2019 HPE ProLiant DL180...
HPESBMU03935 rev.1 - HPE Unified OSS Console Software Products using Apache CouchDB, Remote Code Execution, Remote Escalation of Privilege
Potential Security Impact: Remote: Code Execution, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Unified OSS Console Software Series All versions prior to HPE Unified Console V2.3.24-MP - All versions of Apache CouchDB prior to version 2.3.x CVSS...
HPESBHF03930 rev.5 - HPE Intelligent Management Center (IMC) PLAT Remote Arbitrary Code Execution, Disclosure of Information, Denial of Service. and Buffer Overflow
Potential Security Impact: Remote: Arbitrary Code Execution, Denial of Service DoS, Disclosure of Information, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Intelligent Management Center iMC iMC Plat 7.3 E0506P09 and earlier - iMC Plat 7.3 E0705P02 and earlie...
HPESBHF03914 rev.1 - Certain HPE Servers with Intel Server Platform Services (SPS) Firmware, Multiple Local Vulnerabilities
Potential Security Impact: Local: Authentication Bypass, Denial of Service DoS, Execution of Arbitrary Code SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL380 Gen10 Server Prior to Server Platform Services SPS 04.01.04.2512 Apr 2019 HPE ProLiant DL360 Gen10 Server...
HPESBHF03912 rev.3 - Certain HPE Servers and StoreEasy Appliances with a UEFI-based BIOS, Multiple Local Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL380 Gen10 Server Prior to v2.02 3/19/19 HPE ProLiant DL360 Gen10 Server Prior to v2.02 3/19/19 HPE ProLiant...
HPESBNS03910 rev.2 - HPE NonStop Safeguard, Local Disclosure of Sensitive Information
Potential Security Impact: Local: Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. SAFEGUARD All prior versions before SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all...
HPESBHF03874 rev.1 - Certain HPE Products using Intel-based Processors, L1 Terminal Fault (L1TF) Speculative Side-channel Vulnerabilities, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL580 Gen10 Server - Prior to 1.4206-20-20184 Jul 2018 HPE ProLiant DL560 Gen10 Server - Prior to 1.4206-20-20184 Jul 2018 HPE ProLiant DL380 Gen10 Server - Pri...
HPESBHF03899 rev.1 - HPE Converged System 700 Virtual Services Router (VSR) using NTP
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP ConvergedSystem 700 Virtualization 2.0 VMware Kit - Nov 2017 Recipe or Aug 2018 Recipe HP ConvergedSystem 700x for VMware Solution Kit - Nov 2017 Recipe or Aug 2018 Recipe H...
HPESBHF03869 rev.1 - HPE Windows Firmware Installer for certain HPE Gen9,Gen8, G7, and G6 Servers, Local Disclosure of Privileged Information
Potential Security Impact: Local: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Integrated Lights-Out 2 iLO 2 Firmware for ProLiant G6 Servers - Prior to v2.33 HPE Integrated Lights-Out 3 iLO 3 Firmware for ProLiant G7 Servers - Prior to...
HPESBHF03890 rev.1 - HPE Service Governance Framework (SGF) - Remote Unauthorized Disclosure of Information
Potential Security Impact: Remote: Unauthorized Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SGF 4.2 for RHEL 6 E-Media SGF 4.2 HPE SGF 4.2 for RHEL 6 Media SGF 4.2 HPE SGF 4.2 for RHEL 7 E-Media SGF 4.2 HPE SGF 4.2 for RHEL 7 Media SGF 4.2 HPE SGF...
HPESBHF03893 rev.1 - HPE Intelligent Management Center (iMC) Wireless Services Manager Software, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE IMC Wireless Services Manager Software - Prior to IMC WSM 7.3 E0506P02 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2018-7103 |...
HPESBST03884 rev.2 - HPE ConvergedSystem 700 Solutions Using HPE 3PAR Service Processor, Multiple Vulnerabilities
Potential Security Impact: Local: Directory Traversal, Disclosure of Privileged Information; Remote: Access Restriction Bypass, Code Execution, Cross-Site Request Forgery CSRF SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 3PAR Service Processors - Prior to SP-4.4.0.GA-110MU7...
HPESBST03846 rev.1 - HPE StoreFabric C-Series Director and C-Series Fabric Switches, Remote Denial of Service
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreFabric SN6010C Fibre Channel Switch - Prior to NX-OS 7.31DY1 HPE StoreFabric SN6500C Multi-service Switch - Prior to NX-OS 7.31DY1 HPE StoreFabric SN8500C Director...
HPESBHF03836 rev.1 - HPE Routers and Switches running Linux-based Comware 5 and Comware 7 Software, Remote Unauthorized Disclosure of Information
Potential Security Impact: Remote: Unauthorized Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE 8800 Router Series Comware 5 HPE Router Processing Modules Comware 5 HPE FlexNetwork 6600 Router Series Comware 5 HPE MSR20 Series Comware 5 HPE MSR20-1x...
HPESBHF03838 rev.1 - HPE iMC and Comware 7-based Switches and Routers using OpenSSL, Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Denial of Service DoS, Unauthorized Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Intelligent Management Center iMC All versions - IMC PLAT and IMC UAMTAM HPE FlexNetwork VSR1000 Virtual Services Router Series...
HPESBHF03856 rev.1 - Comware v7 and Intelligent Management Center Products, Remote Denial of Service
Potential Security Impact: Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Intelligent Management Center iMC iMC 7.3 - IMC PLAT HPE FlexFabric 12500 Switch Series Comware 7 - Detailed list of switches provided below HPE FlexNetwork 10500 Switch...
HPESBMU03837 rev.1 - HPE CentralView Fraud Risk Management - Multiple Remote Vulnerabilities
Potential Security Impact: Remote: Disclosure of Sensitive Information, Multiple Vulnerabilities SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE CentralView CV ERM 6.1 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2017-8991 |...
HPESBST03851 rev.1 - HPE StoreFabric B-series Switches, Remote Code Execution
Potential Security Impact: Remote: Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. StoreFabric B-series Switches - Prior to 8.2.0a, 8.1.2d and 7.4.2c CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2017-6225 |...
HPESBHF03823 rev.1 - HPE XP Command View Advanced Edition Software (CVAE), Remote Arbitrary Code Execution
Potential Security Impact: Remote: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HP XP Command View Advanced Edition Software earlier than 8.5.3-00 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2017-5641 |...