cvedb.io
CVE-2022-23703
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-04-12T17:15:09.403 · Last modified 2026-06-17T04:30:40.160

Summary

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would potentially allow an attacker to intercept and modify network communication for software updates initiated by the Nimble appliance. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 5.0.10.100, 5.2.1.500, 6.0.0.100

Affected products

hpe — nimbleos

Does this affect you?

Add your gear to cvedb and we'll alert you only when hpe ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.