Filtered by vendor Hp
Subscribe
Total
2415 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7196 | 1 Hp | 2 Bluedata Epic, Ezmeral Container Platform | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url "/bdswebui/assignusers/". | |||||
| CVE-2019-4656 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, Mq and 5 more | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967. | |||||
| CVE-2020-24630 | 1 Hp | 1 Intelligent Management Center | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7134 | 1 Hp | 1 Hpe Iot \+ Gcp | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | |||||
| CVE-2019-4568 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Mq and 4 more | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629. | |||||
| CVE-2020-7207 | 1 Hp | 42 Apollo 2000, Apollo 2000 Firmware, Apollo 4200 Gen10 and 39 more | 2021-07-21 | 7.2 HIGH | 6.8 MEDIUM |
| A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board. | |||||
| CVE-2020-7202 | 1 Hp | 83 Apollo 4200 Gen10 Server, Apollo 4200 Gen9 Server, Apollo 4510 System and 80 more | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information. | |||||
| CVE-2020-7171 | 1 Hp | 1 Intelligent Management Center | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| A guidatadetail expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2019-11946 | 1 Hp | 1 Intelligent Management Center | 2021-07-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2020-4299 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606. | |||||
| CVE-2020-7133 | 1 Hp | 1 Hpe Iot \+ Gcp | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | |||||
| CVE-2020-7135 | 1 Hp | 1 Service Pack For Proliant | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant (SPP) releases 2018.06.0, 2018.09.0, and 2018.11.0. The vulnerable software is the Supplemental Update / Online ROM Flash Component for Linux (x64) software. The installer in this software component could be locally exploited to execute arbitrary code. Drive Models can be found in the Vulnerability Resolution field of the security bulletin. The 2019_03 SPP and Supplemental update / Online ROM Flash Component for Linux (x64) after 2019.03.0 has fixed this issue. | |||||
| CVE-2016-4376 | 2 Broadcom, Hp | 2 Fabric Operating System, Storefabric B Series Switch | 2021-06-22 | 7.8 HIGH | 6.5 MEDIUM |
| HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2021-26584 | 1 Hp | 1 Oneview For Vmware Vcenter | 2021-06-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC). | |||||
| CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2021-06-08 | 4.6 MEDIUM | 7.8 HIGH |
| A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | |||||
| CVE-2021-29201 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2021-06-02 | 3.5 LOW | 4.8 MEDIUM |
| A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
| CVE-2021-29202 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2021-06-02 | 4.6 MEDIUM | 6.7 MEDIUM |
| A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
| CVE-2021-29204 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2021-06-02 | 3.5 LOW | 4.8 MEDIUM |
| A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
| CVE-2021-29205 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2021-06-02 | 3.5 LOW | 4.8 MEDIUM |
| A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
| CVE-2021-29206 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2021-06-02 | 3.5 LOW | 4.8 MEDIUM |
| A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||