CVE-2025-37089

A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hpe:storeonce_system:*:*:*:*:*:*:*:*

History

02 Jul 2025, 17:50

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
First Time Hpe
Hpe storeonce System
References () https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04847en_us&docLocale=en_US - () https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04847en_us&docLocale=en_US - Vendor Advisory
Summary
  • (es) Existe una vulnerabilidad de ejecución remota de código por inyección de comandos en el software HPE StoreOnce.
CPE cpe:2.3:a:hpe:storeonce_system:*:*:*:*:*:*:*:*

02 Jun 2025, 16:15

Type Values Removed Values Added
CWE CWE-77

02 Jun 2025, 15:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.2
v2 : unknown
v3 : unknown

02 Jun 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-02 14:15

Updated : 2025-07-02 17:50


NVD link : CVE-2025-37089

Mitre link : CVE-2025-37089

CVE.ORG link : CVE-2025-37089


JSON object : View

Products Affected

hpe

  • storeonce_system
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')