Vulnerabilities (CVE)

Filtered by vendor Hpe Subscribe
Filtered by product Nimble Storage Secondary Flash Arrays
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28618 1 Hpe 4 Nimble Storage All Flash Arrays, Nimble Storage Hybrid Flash Arrays, Nimble Storage Secondary Flash Arrays and 1 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.
CVE-2020-7138 1 Hpe 10 Nimble Storage Af20 All Flash Array, Nimble Storage Af20q All Flash Dual Controller, Nimble Storage Af40 All Flash Dual Controller and 7 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100
CVE-2020-7139 1 Hpe 10 Nimble Storage Af20 All Flash Array, Nimble Storage Af20q All Flash Dual Controller, Nimble Storage Af40 All Flash Dual Controller and 7 more 2024-02-28 5.5 MEDIUM 8.1 HIGH
Potential remote access security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to access and modify sensitive information on the system. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100
CVE-2019-11996 1 Hpe 10 Nimble Storage Af20 All Flash Array, Nimble Storage Af20q All Flash Dual Controller, Nimble Storage Af40 All Flash Dual Controller and 7 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.2.0, 4.5.5.0, 5.0.8.0 and 5.1.3.0.