cvedb.io
CVE-2022-28625
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2022-08-31T16:15:10.347 · Last modified 2026-06-17T04:38:43.887

Summary

A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.

Affected products

hp — oneview

Does this affect you?

Add your gear to cvedb and we'll alert you only when hp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.