CVE-2022-37928

Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:hpe:sf100_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:sf100_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:sf100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:hpe:sf300_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:sf300_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:sf300:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:hpe:hf60c_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf60c_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf60c:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:hpe:hf40c_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf40c_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf40c:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:hpe:hf20_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf20_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf20:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:o:hpe:hf40_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf40_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf40:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:hpe:hf60_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf60_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf60:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:hpe:hf20h_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf20h_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf20h:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:hpe:hf20c_firmware:*:*:*:*:ltsr:*:*:*
cpe:2.3:o:hpe:hf20c_firmware:5.3.0.0:*:*:*:-:*:*:*
cpe:2.3:h:hpe:hf20c:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:15

Type Values Removed Values Added
References () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04359en_us - Vendor Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04359en_us - Vendor Advisory
CVSS v2 : unknown
v3 : 6.5
v2 : unknown
v3 : 8.0

07 Nov 2023, 03:49

Type Values Removed Values Added
Summary Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays. Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.

Information

Published : 2022-12-12 13:15

Updated : 2024-11-21 07:15


NVD link : CVE-2022-37928

Mitre link : CVE-2022-37928

CVE.ORG link : CVE-2022-37928


JSON object : View

Products Affected

hpe

  • sf300
  • hf40_firmware
  • hf60_firmware
  • hf60
  • sf300_firmware
  • hf20c
  • hf60c
  • sf100
  • hf40c
  • hf40
  • hf20h
  • hf20_firmware
  • hf20c_firmware
  • hf20h_firmware
  • hf20
  • hf60c_firmware
  • hf40c_firmware
  • sf100_firmware
CWE
CWE-345

Insufficient Verification of Data Authenticity