Remote Code Execution Vulnerability in HPE OneView by Hewlett Packard Enterprise
CVE-2023-30912

9.8CRITICAL

Key Information:

Vendor: HP
Status: HPE OneView
Vendor: CVE Published:; 25 October 2023

Summary

A vulnerability exists in HPE OneView that may allow an attacker to execute remote code on the affected system. This issue can potentially lead to unauthorized access and control over the software, posing significant risks to data integrity and confidentiality. It is crucial for users to apply the necessary patches and updates to mitigate the impact of this vulnerability.

Affected Version(s)

HPE OneView 0 < 8.60.00

References

https://support.hpe.com/hpesc/public/docDisplay?docLocale...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 25, 2023
Vulnerability Reserved
Apr 20, 2023