Information Disclosure Vulnerability in HPE Superdome Flex Servers
CVE-2022-37939

2.3LOW

Key Information:

Vendor: HP
Status: HP Superdome Flex Servers; HP Superdome Flex 280 Servers
Vendor: CVE Published:; 8 March 2023

Summary

An identified security vulnerability in HPE Superdome Flex and Superdome Flex 280 servers could allow local exploitation to reveal sensitive information. HPE has released software updates to address this issue, providing solutions for affected versions, specifically v3.65.8 for Superdome Flex Servers and v1.45.8 for Superdome Flex 280 Servers. Users are advised to apply these updates promptly to ensure their systems remain secure.

Affected Version(s)

HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers Prior to Superdome Flex 3.65.8; Prior to Superdome Flex 280 1.45.8

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

CVSS V3.1

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 8, 2023
Vulnerability Reserved
Aug 8, 2022