Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Superdome_flex_firmware
(Hpe)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-19 | CVE-2021-26589 | A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS) because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE Superdome Flex Servers. | Superdome_flex_280_firmware, Superdome_flex_firmware | 6.1 | ||
| 2023-01-05 | CVE-2022-37933 | A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below. | Superdome_flex_280_firmware, Superdome_flex_firmware | 7.8 |