Potential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series. These vulnerabilities could be remotely exploited to allow host header injection and URL redirection. HPE has made the following software to resolve the vulnerability in HPE FlexFabric 5700 Switch Series version R2432P61 or later.
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04398en_us | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
29 Mar 2023, 13:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:hpe:flexfabric_5700_40xg_2qsfp\+:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:flexfabric_5700_40xg_2qsfp\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:flexfabric_5700_48g_4xg_2qsfp\+:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:flexfabric_5700_48g_4xg_2qsfp\+_firmware:*:*:*:*:*:*:*:* |
|
CWE | CWE-601 | |
References | (MISC) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04398en_us - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
22 Mar 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-22 06:15
Updated : 2024-02-04 23:37
NVD link : CVE-2022-37940
Mitre link : CVE-2022-37940
CVE.ORG link : CVE-2022-37940
JSON object : View
Products Affected
hpe
- flexfabric_5700_48g_4xg_2qsfp\+
- flexfabric_5700_40xg_2qsfp\+_firmware
- flexfabric_5700_40xg_2qsfp\+
- flexfabric_5700_48g_4xg_2qsfp\+_firmware
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')