Local Disclosure of Sensitive Information in HPE OneView
CVE-2022-28625
5.5MEDIUM
What is CVE-2022-28625?
A vulnerability allowing low privileged users to exploit HPE OneView versions prior to 7.0 and 6.60.01 has been identified. When HPE OneView is configured with credential access to external repositories, it may expose sensitive information leading to a significant loss of confidentiality, integrity, and availability. HPE recommends users update to the latest version to mitigate potential risks.
Affected Version(s)
HPE OneView Prior to 7.0 or 6.60.01