cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-50275,https://securityvulnerability.io/vulnerability/CVE-2023-50275,Authentication Bypass Vulnerability in HPE OneView,"The vulnerability in HPE OneView involves a flaw in the clusterService that may permit an authentication bypass. This vulnerability could allow unauthorized access to certain functionalities, potentially leading to a denial of service. Remediation is essential to prevent exploitation and maintain the integrity and availability of the HPE OneView management platform.",HP,HPE OneView,7.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2024-01-23T17:09:52.902Z,0
CVE-2023-50274,https://securityvulnerability.io/vulnerability/CVE-2023-50274,Command Injection Vulnerability in HPE OneView Product,"A command injection vulnerability exists in HPE OneView that may permit attackers to execute arbitrary commands with elevated privileges on the affected system. This issue could enable unauthorized users to manipulate the server environment, impacting the integrity and security of the system. The vulnerability emphasizes the importance of maintaining updated security practices and monitoring for potential exploits within organizational infrastructures.",HP,HPE OneView,7.8,HIGH,0.011119999922811985,false,,false,false,false,,,false,false,,2024-01-23T17:02:38.098Z,0
CVE-2023-30912,https://securityvulnerability.io/vulnerability/CVE-2023-30912,Remote Code Execution Vulnerability in HPE OneView by Hewlett Packard Enterprise,"A vulnerability exists in HPE OneView that may allow an attacker to execute remote code on the affected system. This issue can potentially lead to unauthorized access and control over the software, posing significant risks to data integrity and confidentiality. It is crucial for users to apply the necessary patches and updates to mitigate the impact of this vulnerability.",HP,HPE OneView,9.8,CRITICAL,0.006550000049173832,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-30908,https://securityvulnerability.io/vulnerability/CVE-2023-30908,Remote Authentication Bypass in HPE OneView API,"A significant vulnerability within the HPE OneView API allows remote attackers to bypass authentication mechanisms. This issue can lead to unauthorized access, potentially compromising sensitive data and system integrity. Organizations using HPE OneView must take immediate action to mitigate risks associated with this vulnerability to ensure the security of their environments.",HP,HPE OneView,9.8,CRITICAL,0.003700000001117587,false,,false,false,false,,,false,false,,2023-09-07T22:15:00.000Z,0
CVE-2023-28085,https://securityvulnerability.io/vulnerability/CVE-2023-28085,Credential Exposure Vulnerability in HPE OneView Global Dashboard Appliance,The HPE OneView Global Dashboard appliance has a vulnerability that may lead to the exposure of user account credentials through appliance dumps. This incident could allow unauthorized access if sensitive information is retrieved without proper safeguards. Users of the HPE OneView Global Dashboard should assess their security configurations and consider implementing additional protective measures to mitigate this risk.,HP,HPE OneView Global Dashboard,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-04-14T15:15:00.000Z,0
CVE-2023-28091,https://securityvulnerability.io/vulnerability/CVE-2023-28091,Information Exposure in HPE OneView Virtual Appliance,"The HPE OneView virtual appliance includes a 'Migrate server hardware' option that could potentially leak sensitive information contained within an HPE OneView support dump. This exposure can lead to unauthorized access to critical data, posing a significant risk to user privacy and data integrity. Organizations using HPE OneView should take immediate steps to assess their configurations and implement mitigations as necessary to safeguard against potential data breaches.",HP,HPE OneView,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-04-14T15:15:00.000Z,0
CVE-2021-29217,https://securityvulnerability.io/vulnerability/CVE-2021-29217,Remote URL Redirection Vulnerability in HPE OneView Global Dashboard,"A remote URL redirection vulnerability exists in HPE OneView Global Dashboard prior to version 2.5. This vulnerability can be exploited by an attacker to redirect users to malicious websites, potentially leading to phishing attacks and the theft of sensitive information. It is crucial for users to update to the latest version provided by HPE to mitigate this risk.",HP,HPe Oneview Global Dashboard,6.1,MEDIUM,0.0012000000569969416,false,,false,false,false,,,false,false,,2022-02-24T21:04:45.000Z,0
CVE-2021-29216,https://securityvulnerability.io/vulnerability/CVE-2021-29216,Remote Cross-Site Scripting Vulnerability in HPE OneView Global Dashboard,"A remote cross-site scripting vulnerability was identified in HPE OneView Global Dashboard versions prior to 2.5, allowing attackers to inject malicious scripts into web pages viewed by users. This can lead to the exposure of sensitive information or unintended actions executed on behalf of the users. Hewlett Packard Enterprise has released a software update to address and mitigate this security issue, emphasizing the importance of updating affected software to protect against potential exploits.",HP,HPe Oneview Global Dashboard,6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2022-02-24T21:04:06.000Z,0
CVE-2019-11992,https://securityvulnerability.io/vulnerability/CVE-2019-11992,,A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.,HP,HPe Oneview For Vmware Vcenter With Operations Manager And Log Insight,6.1,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2019-12-18T15:59:05.000Z,0