CVE-2022-37927 — Open Redirect in HPE Oneview Global Dashboard

CWE-601 — Open Redirect3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 61.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HPE Oneview Global Dashboard Hewlett Packard Enterprise HPE Oneview Global Dashboard

Timeline

PublishedDec 12

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5hewlett_packard_enterprise/hpe_oneview_global_dashboardPrior to 2.7

▶NVDhpe/oneview_global_dashboard< 2.7

🔴Vulnerability Details

GHSA

GHSA-67p9-pcxv-4mpw: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD)↗2022-12-12

▶

CVEList

CVE-2022-37927: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD)↗2022-11-03

▶