CVE-2023-30909

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 14, 2023
Updated: Sep 19, 2023

Summary

CVE-2023-30909 is a newly disclosed vulnerability affecting certain OneView APIs. This issue permits unauthenticated users to bypass authentication checks, granting them unauthorized access to protected resources. The vulnerability could lead to potential data breaches or system compromises. It is recommended that affected organizations apply the available patches as soon as possible to mitigate the risk. Authenticating users is a crucial step in maintaining the security of any system, and CVE-2023-30909 exposes a weakness in this process for certain OneView APIs. The vulnerability allows unauthorized access, potentially compromising sensitive data and granting attackers control over system functions. Organizations using these APIs should promptly install the available patches to prevent potential breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • HP OneView
  • HPE OneView

Affected Vendors

  • Hewlett Packard Enterprise Co.
  • HP