Every CVE whose affected-product data names Hp Oneview, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2022-28616 — CVSS 9.8 (critical): A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a…
CVE-2022-28617 — CVSS 9.8 (critical): A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software…
CVE-2020-7198 — CVSS 8.8 (high): There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has…
CVE-2022-23699 — CVSS 7.8 (high): A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software…
CVE-2022-23698 — CVSS 7.5 (high): A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a…
CVE-2014-2602 — CVSS 6.5 (medium): Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2022-23697 — CVSS 6.1 (medium): A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software…
CVE-2022-23706 — CVSS 6.1 (medium): A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software…
CVE-2022-23700 — CVSS 5.5 (medium): A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software…
CVE-2022-28625 — CVSS 5.5 (medium): A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low…
CVE-2023-28091 — CVSS 5.5 (medium): HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump