CVE-2022-37933

CVSS 7.3 HIGHEPSS 0.3%CWE-74

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

03 Jan 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

Affected products

Hewlett Packard Enterprise (HPE) · HPE Superdome Flex Server; HPE Superdome Flex 280 Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us