Lucene search

[email protected]NVD:CVE-2023-28089

HistoryApr 25, 2023 - 7:15 p.m.

CVE-2023-28089

2023-04-2519:15:10

CWE-522

[email protected]

web.nvd.nist.gov

cve-2023-28089

hpe oneview

ftp credentials

c7000 interconnect modules

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules

Affected configurations

Nvd

Node

hponeviewRange<6.60.04lts

hponeviewRange<8.2

VendorProductVersionCPE
hponeview*cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*
hponeview*cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	oneview	*	cpe:2.3:a:hp:oneview:::::lts:::*
hp	oneview	*	cpe:2.3:a:hp:oneview::::::::

References

support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-28089

prion1 cve1 cvelist1