Vulnerability Details : CVE-2022-37939
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8.
Products affected by CVE-2022-37939
- cpe:2.3:o:hpe:superdome_flex_server_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hpe:superdome_flex_280_server_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-37939
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-37939
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | |
2.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
0.8
|
1.4
|
Hewlett Packard Enterprise (HPE) |
References for CVE-2022-37939
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04453en_us
Document - HPESBHF04453 rev.1 - HPE Superdome Flex and Superdome Flex 280 Servers, Local Disclosure of Information | HPE SupportVendor Advisory
Jump to