CVE-2023-28090

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 80.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hewlett Packard Enterprise (hpe) HPE OneviewHP Oneview
Timeline
PublishedApr 25

Description

An HPE OneView appliance dump may expose SNMPv3 read credentials

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhp/oneview< 6.60.04+1

🔴Vulnerability Details

2
GHSA
GHSA-mqq2-gjcf-j3cq: An HPE OneView appliance dump may expose SNMPv3 read credentials2023-04-25
CVEList
CVE-2023-28090: An HPE OneView appliance dump may expose SNMPv3 read credentials2023-04-25
CVE-2023-28090 (MEDIUM CVSS 5.5) | An HPE OneView appliance dump may e | cvebase.io