Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Oneview Security Vulnerabilities

cve
cve

CVE-2014-2602

Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.

6.6AI Score

0.002EPSS

2014-05-08 10:55 AM
21
cve
cve

CVE-2020-7198

There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.

8.8CVSS

9AI Score

0.005EPSS

2020-11-06 03:15 PM
32
cve
cve

CVE-2022-23697

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

6.1CVSS

5.9AI Score

0.001EPSS

2022-04-04 08:15 PM
56
cve
cve

CVE-2022-23698

A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

7.5CVSS

7.3AI Score

0.002EPSS

2022-04-04 08:15 PM
51
cve
cve

CVE-2022-23699

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

7.8CVSS

7.6AI Score

0.0004EPSS

2022-04-04 08:15 PM
70
cve
cve

CVE-2022-23700

A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

5.5CVSS

5.1AI Score

0.0004EPSS

2022-04-04 08:15 PM
57
cve
cve

CVE-2022-23706

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.

6.1CVSS

5.9AI Score

0.001EPSS

2022-05-17 08:15 PM
62
4
cve
cve

CVE-2022-28616

A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.

9.8CVSS

9.3AI Score

0.002EPSS

2022-05-17 09:15 PM
60
6
cve
cve

CVE-2022-28617

A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.

9.8CVSS

9.3AI Score

0.004EPSS

2022-05-17 08:15 PM
54
4
cve
cve

CVE-2022-28625

A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability....

5.5CVSS

5AI Score

0.0004EPSS

2022-08-31 04:15 PM
34
4
cve
cve

CVE-2023-28084

HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens

5.5CVSS

5.7AI Score

0.0004EPSS

2023-04-25 08:15 PM
22
cve
cve

CVE-2023-28086

An HPE OneView appliance dump may expose proxy credential settings

5.5CVSS

5.5AI Score

0.0004EPSS

2023-04-25 07:15 PM
21
cve
cve

CVE-2023-28087

An HPE OneView appliance dump may expose OneView user accounts

5.5CVSS

5.5AI Score

0.0004EPSS

2023-04-25 07:15 PM
17
cve
cve

CVE-2023-28088

An HPE OneView appliance dump may expose SAN switch administrative credentials

7.8CVSS

7.6AI Score

0.0004EPSS

2023-04-25 07:15 PM
25
cve
cve

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules

7.1CVSS

7AI Score

0.0004EPSS

2023-04-25 07:15 PM
19
cve
cve

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read credentials

5.5CVSS

5.5AI Score

0.0004EPSS

2023-04-25 07:15 PM
17
cve
cve

CVE-2023-28091

HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump

5.5CVSS

5.3AI Score

0.0004EPSS

2023-04-14 03:15 PM
187
2
cve
cve

CVE-2023-30908

A remote authentication bypass issue exists in a OneView API.

9.8CVSS

9.6AI Score

0.004EPSS

2023-09-07 10:15 PM
54
cve
cve

CVE-2023-30909

A remote authentication bypass issue exists in someOneView APIs.

9.8CVSS

9.5AI Score

0.002EPSS

2023-09-14 03:15 PM
19
cve
cve

CVE-2023-50274

HPE OneView may allow command injection with local privilege escalation.

7.8CVSS

7.8AI Score

0.009EPSS

2024-01-23 05:15 PM
10
cve
cve

CVE-2023-50275

HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.

7.5CVSS

7.5AI Score

0.001EPSS

2024-01-23 05:15 PM
12
cve
cve

CVE-2023-6573

HPE OneView may have a missing passphrase during restore.

5.5CVSS

5.5AI Score

0.001EPSS

2024-01-23 06:15 PM
18