PT-2022-16215 · Hewlett Packard · Hpe Nimble Storage All Flash Arrays+2
Published
2022-05-09
·
Updated
2023-08-08
·
CVE-2022-23705
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.0.10.100
HPE Nimble Storage All Flash Arrays versions prior to 5.0.10.100
HPE Nimble Storage Secondary Flash Arrays versions prior to 5.0.10.100
HPE Nimble Storage Hybrid Flash Arrays versions prior to 5.2.1.0
HPE Nimble Storage All Flash Arrays versions prior to 5.2.1.0
HPE Nimble Storage Secondary Flash Arrays versions prior to 5.2.1.0
HPE Nimble Storage Hybrid Flash Arrays versions prior to 6.0.0.100
HPE Nimble Storage All Flash Arrays versions prior to 6.0.0.100
HPE Nimble Storage Secondary Flash Arrays versions prior to 6.0.0.100
Description
A security issue has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays. This issue could potentially allow the upload, but not execution, of unauthorized update binaries to the array.
Recommendations
For HPE Nimble Storage Hybrid Flash Arrays, update to version 5.0.10.100 or later, or version 5.2.1.0 or later, or version 6.0.0.100 or later.
For HPE Nimble Storage All Flash Arrays, update to version 5.0.10.100 or later, or version 5.2.1.0 or later, or version 6.0.0.100 or later.
For HPE Nimble Storage Secondary Flash Arrays, update to version 5.0.10.100 or later, or version 5.2.1.0 or later, or version 6.0.0.100 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hpe Nimble Storage All Flash Arrays
Hpe Nimble Storage Hybrid Flash Arrays
Hpe Nimble Storage Secondary Flash Arrays