CVE-2023-28086

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 80.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hewlett Packard Enterprise (hpe) HPE OneviewHP Oneview
Timeline
PublishedApr 25

Description

An HPE OneView appliance dump may expose proxy credential settings

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhp/oneview< 6.60.04+1

🔴Vulnerability Details

2
CVEList
CVE-2023-28086: An HPE OneView appliance dump may expose proxy credential settings2023-04-25
GHSA
GHSA-22mh-fcv5-gcmq: An HPE OneView appliance dump may expose proxy credential settings2023-04-25
CVE-2023-28086 (MEDIUM CVSS 5.5) | An HPE OneView appliance dump may e | cvebase.io