PT-2022-16213 · Hewlett Packard · Hpe Nimble Storage All Flash Arrays+2

Published

2022-04-12

·

Updated

2022-04-19

·

CVE-2022-23703

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.0.10.100 HPE Nimble Storage All Flash Arrays versions prior to 5.0.10.100 HPE Nimble Storage Secondary Flash Arrays versions prior to 5.0.10.100 HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.2.1.500 HPE Nimble Storage All Flash Arrays versions prior to 5.2.1.500 HPE Nimble Storage Secondary Flash Arrays versions prior to 5.2.1.500 HPE Nimble Storage Hybrid Flash Arrays versions prior to 6.0.0.100 HPE Nimble Storage All Flash Arrays versions prior to 6.0.0.100 HPE Nimble Storage Secondary Flash Arrays versions prior to 6.0.0.100
Description A security issue has been identified in HPE Nimble Storage during update, potentially allowing an attacker to intercept and modify network communication for software updates initiated by the Nimble appliance.
Recommendations For HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.0.10.100, update to version 5.0.10.100 or later. For HPE Nimble Storage All Flash Arrays versions prior to 5.0.10.100, update to version 5.0.10.100 or later. For HPE Nimble Storage Secondary Flash Arrays versions prior to 5.0.10.100, update to version 5.0.10.100 or later. For HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.2.1.500, update to version 5.2.1.500 or later. For HPE Nimble Storage All Flash Arrays versions prior to 5.2.1.500, update to version 5.2.1.500 or later. For HPE Nimble Storage Secondary Flash Arrays versions prior to 5.2.1.500, update to version 5.2.1.500 or later. For HPE Nimble Storage Hybrid Flash Arrays versions prior to 6.0.0.100, update to version 6.0.0.100 or later. For HPE Nimble Storage All Flash Arrays versions prior to 6.0.0.100, update to version 6.0.0.100 or later. For HPE Nimble Storage Secondary Flash Arrays versions prior to 6.0.0.100, update to version 6.0.0.100 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2022-23703

Affected Products

Hpe Nimble Storage All Flash Arrays
Hpe Nimble Storage Hybrid Flash Arrays
Hpe Nimble Storage Secondary Flash Arrays