CVE-2023-28091

3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 73.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hewlett Packard Enterprise (hpe) HPE Oneview HP Oneview

Timeline

PublishedApr 14

Description

HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDhp/oneview7.0 — 8.1

▶CVEListV5hewlett_packard_enterprise_(hpe)/hpe_oneview7.0 — 8.1

🔴Vulnerability Details

CVEList

CVE-2023-28091: HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump↗2023-04-14

▶

GHSA

GHSA-fc8v-777q-r95w: HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump↗2023-04-14

▶