Authentication Bypass Vulnerability in HPE StoreOnce Software
CVE-2025-37093
9.8CRITICAL
What is CVE-2025-37093?
An authentication bypass vulnerability has been identified in HPE StoreOnce Software, which could allow unauthorized access to the system. This flaw poses a significant risk, enabling attackers to bypass authentication mechanisms and potentially exploit sensitive data or functionalities without proper credentials.
Affected Version(s)
HPE StoreOnce Software 0 < 4.3.11
News Articles

Critical CVE-2025-37093 Hits HPE StoreOnce Systems
HPE warns of critical CVE-2025-37093 in StoreOnce software. Vulnerability allows remote access. Patch to version 4.3.11 or later urged for all users.
3 weeks ago

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
HPE patches 8 StoreOnce flaws, including CVE-2025-37093, risking RCE and auth bypass—users must update now
3 weeks ago