CVE-2023-28084

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 80.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Hewlett Packard Enterprise HPE OneviewHewlett Packard Enterprise HPE Oneview Global DashboardHP Oneview+1 more
Timeline
PublishedApr 25

Description

HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDhp/oneview7.08.2+1

🔴Vulnerability Details

2
GHSA
GHSA-m796-g35g-ww8p: HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens2023-04-25
CVEList
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens2023-04-25
CVE-2023-28084 (MEDIUM CVSS 5.5) | HPE OneView and HPE OneView Global | cvebase.io