Vulnerabilities (CVE)

Filtered by vendor Hpe Subscribe
Filtered by product Superdome Flex 280
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37933 1 Hpe 4 Superdome Flex, Superdome Flex 280, Superdome Flex 280 Firmware and 1 more 2024-02-04 N/A 7.8 HIGH
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.
CVE-2021-26589 1 Hpe 4 Superdome Flex, Superdome Flex 280, Superdome Flex 280 Firmware and 1 more 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS) because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE Superdome Flex Servers.