Vulnerability Description
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
CVSS Score
8.0
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hpe | Sf100 Firmware | < 5.2.1.900 |
| Hpe | Sf100 | - |
| Hpe | Sf300 Firmware | < 5.2.1.900 |
| Hpe | Sf300 | - |
| Hpe | Hf60C Firmware | < 5.2.1.900 |
| Hpe | Hf60C | - |
| Hpe | Hf40C Firmware | < 5.2.1.900 |
| Hpe | Hf40C | - |
| Hpe | Hf20 Firmware | < 5.2.1.900 |
| Hpe | Hf20 | - |
| Hpe | Hf40 Firmware | < 5.2.1.900 |
| Hpe | Hf40 | - |
| Hpe | Hf60 Firmware | < 5.2.1.900 |
| Hpe | Hf60 | - |
| Hpe | Hf20H Firmware | < 5.2.1.900 |
| Hpe | Hf20H | - |
| Hpe | Hf20C Firmware | < 5.2.1.900 |
| Hpe | Hf20C | - |
Related Weaknesses (CWE)
References
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeVendor Advisory
FAQ
What is CVE-2022-37928?
CVE-2022-37928 is a vulnerability with a CVSS score of 8.0 (HIGH). Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
How severe is CVE-2022-37928?
CVE-2022-37928 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-37928?
Check the references section above for vendor advisories and patch information. Affected products include: Hpe Sf100 Firmware, Hpe Sf100, Hpe Sf300 Firmware, Hpe Sf300, Hpe Hf60C Firmware.