This page lists publicly disclosed CVE vulnerabilities affecting hp oneview (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-6573 | HPE OneView may have a missing passphrase during restore. | [email protected] | 5.5 | 0.12% | 2024-01-23 | 2024-11-21 |
| CVE-2023-50275 | HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | [email protected] | 7.5 | 0.08% | 2024-01-23 | 2025-06-20 |
| CVE-2023-50274 | HPE OneView may allow command injection with local privilege escalation. | [email protected] | 7.8 | 0.18% | 2024-01-23 | 2025-05-30 |
| CVE-2023-30909 | A remote authentication bypass issue exists in some OneView APIs. | [email protected] | 9.8 | 5.41% | 2023-09-14 | 2024-11-21 |
| CVE-2023-30908 | A remote authentication bypass issue exists in a OneView API. | [email protected] | 9.8 | 1.80% | 2023-09-07 | 2024-11-21 |
| CVE-2023-28084 | HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | [email protected] | 5.5 | 0.03% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28090 | An HPE OneView appliance dump may expose SNMPv3 read credentials | [email protected] | 5.5 | 0.04% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28089 | An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | [email protected] | 7.1 | 0.04% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28088 | An HPE OneView appliance dump may expose SAN switch administrative credentials | [email protected] | 7.8 | 0.03% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28087 | An HPE OneView appliance dump may expose OneView user accounts | [email protected] | 5.5 | 0.04% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28086 | An HPE OneView appliance dump may expose proxy credential settings | [email protected] | 5.5 | 0.04% | 2023-04-25 | 2025-02-03 |
| CVE-2023-28091 | HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | [email protected] | 5.5 | 0.04% | 2023-04-14 | 2025-02-06 |
| CVE-2022-28625 | A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 5.5 | 0.03% | 2022-08-31 | 2024-11-21 |
| CVE-2022-28616 | A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 9.8 | 0.49% | 2022-05-17 | 2024-11-21 |
| CVE-2022-28617 | A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 9.8 | 0.49% | 2022-05-17 | 2024-11-21 |
| CVE-2022-23706 | A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 6.1 | 0.30% | 2022-05-17 | 2024-11-21 |
| CVE-2022-23700 | A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 5.5 | 0.06% | 2022-04-04 | 2024-11-21 |
| CVE-2022-23699 | A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 7.8 | 0.06% | 2022-04-04 | 2024-11-21 |
| CVE-2022-23698 | A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 7.5 | 0.31% | 2022-04-04 | 2024-11-21 |
| CVE-2022-23697 | A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. | [email protected] | 6.1 | 0.30% | 2022-04-04 | 2024-11-21 |