Medium
CVSS: 6.5
Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such…
Medium
CVSS: 6.5
Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such…
Medium
CVSS: 6.5
A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system avail…
High
CVSS: 8.8
An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation could allow an attac…
Critical
KEV CVSS: 10.0
A remote code execution issue exists in HPE OneView.
Medium
CVSS: 5.3
A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the…
Medium
CVSS: 5.8
A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthor…
Medium
CVSS: 6.7
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system.
Medium
CVSS: 6.7
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system.
Medium
CVSS: 6.8
A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-boot…
High
CVSS: 7.8
A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only…
High
CVSS: 7.3
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.
High
CVSS: 7.3
An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.
High
CVSS: 7.5
An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.
High
CVSS: 7.5
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
High
CVSS: 7.5
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
High
CVSS: 8.0
An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
High
CVSS: 7.3
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
Critical
CVSS: 9.8
A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.
High
CVSS: 7.5
A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.