Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
6.6AI Score
0.002EPSS
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.
8.8CVSS
9AI Score
0.005EPSS
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
6.1CVSS
5.9AI Score
0.001EPSS
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
7.5CVSS
7.3AI Score
0.002EPSS
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
7.8CVSS
7.6AI Score
0.0004EPSS
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
5.5CVSS
5.1AI Score
0.0004EPSS
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
6.1CVSS
5.9AI Score
0.001EPSS
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
9.8CVSS
9.3AI Score
0.002EPSS
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
9.8CVSS
9.3AI Score
0.004EPSS
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability....
5.5CVSS
5AI Score
0.0004EPSS
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
5.5CVSS
5.7AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
7.1CVSS
7AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
5.5CVSS
5.3AI Score
0.0004EPSS
9.8CVSS
9.6AI Score
0.004EPSS
9.8CVSS
9.5AI Score
0.002EPSS
7.8CVSS
7.8AI Score
0.009EPSS
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
7.5CVSS
7.5AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.001EPSS