HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
HPE OneView may allow command injection with local privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-01-23
Updated
2024-01-29
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Max CVSS
9.8
EPSS Score
0.43%
Published
2023-06-30
Updated
2023-07-07
Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of privilege.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-06-12
Updated
2023-06-21
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.
Max CVSS
9.8
EPSS Score
0.15%
Published
2023-04-28
Updated
2023-05-10
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-07-21
Updated
2023-07-31
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-06-12
Updated
2023-06-20
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-06-12
Updated
2023-06-20
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-06-12
Updated
2023-06-20
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Max CVSS
9.8
EPSS Score
0.11%
Published
2023-06-12
Updated
2023-06-20
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-06-12
Updated
2023-06-16
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to elevation of privilege.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-31
Updated
2023-11-08
A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-11-22
Updated
2022-11-29
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
9.8
EPSS Score
0.34%
Published
2022-05-17
Updated
2022-05-25
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-02-01
Updated
2023-02-08
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-02-01
Updated
2023-02-08
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-02-01
Updated
2023-02-08
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
Max CVSS
7.3
EPSS Score
0.04%
Published
2023-08-16
Updated
2023-08-23
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-11-01
Updated
2022-07-12
A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Max CVSS
9.0
EPSS Score
0.28%
Published
2020-10-19
Updated
2021-07-21
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
Max CVSS
10.0
EPSS Score
0.44%
Published
2020-10-19
Updated
2020-10-21
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.
Max CVSS
7.2
EPSS Score
0.07%
Published
2020-11-05
Updated
2021-07-21
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.
Max CVSS
10.0
EPSS Score
0.59%
Published
2020-12-02
Updated
2020-12-04
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.
Max CVSS
9.8
EPSS Score
0.54%
Published
2020-10-26
Updated
2020-11-16
76 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!