3 matches found
CVE-2024-42508
CVE-2024-42508 affects Hewlett Packard Enterprise OneView. The connected materials indicate a vulnerability that could cause unauthorized disclosure of information to authenticated users . CNNVD explicitly links this issue to HPE OneView versions prior to 9.20, implying a fix is provided in or af...
CVE-2025-37164
CVE-2025-37164 is a remote unauthenticated remote code execution vulnerability in HPE OneView . The flaw resides in the vulnerable PUT /rest/id-pools/executeCommand endpoint, which passes user-controlled input to Runtime.exec(), enabling code execution. Affects versions prior to 11.0; a patch upg...
CVE-2023-30912
CVE-2023-30912 affects Hewlett Packard Enterprise OneView. The ZDI advisory ZDI-23-1599 describes a remote code execution in the Backup functionality caused by a hard-coded cryptographic key; exploitation requires authentication but the authentication can be bypassed, enabling code execution as r...