PT-2022-19110 · Hewlett Packard · Hpe Storeonce
Published
2022-06-27
·
Updated
2022-07-07
·
CVE-2022-28622
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
HPE StoreOnce Software versions prior to 4.3.2
Description
A potential security issue has been identified in the SSH server of the affected software, where it supports weak key exchange algorithms. This could lead to remote unauthorized access.
Recommendations
For versions prior to 4.3.2, update to version 4.3.2 to resolve the issue. As a temporary workaround, consider restricting access to the SSH server until the update is applied.
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hpe Storeonce