Vulnerability Description
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hpe | Superdome Flex Server Firmware | < 3.50.58 |
| Hpe | Superdome Flex Server | - |
| Hpe | Superdome Flex 280 Server Firmware | < 1.20.204 |
| Hpe | Superdome Flex 280 Server | - |
References
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
FAQ
What is CVE-2022-23702?
CVE-2022-23702 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to ...
How severe is CVE-2022-23702?
CVE-2022-23702 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-23702?
Check the references section above for vendor advisories and patch information. Affected products include: Hpe Superdome Flex Server Firmware, Hpe Superdome Flex Server, Hpe Superdome Flex 280 Server Firmware, Hpe Superdome Flex 280 Server.