Browse all 450 CVE security advisories affecting Hewlett Packard Enterprise (HPE). AI-powered Chinese analysis, POCs, and references for each vulnerability.
Hewlett Packard Enterprise (HPE) operates as a critical infrastructure provider, designing and selling servers, storage, networking hardware, and associated software solutions for enterprise data centers. With 418 recorded CVEs, the company’s attack surface primarily involves its managed services and hardware management interfaces. Historically, common vulnerability classes include remote code execution (RCE) and cross-site scripting (XSS), often stemming from web-based management consoles like HPE OneView or iLO. Privilege escalation flaws also appear frequently, allowing unauthorized users to gain administrative control over managed devices. Notable incidents have included credential exposure and insecure default configurations in firmware updates, which attackers exploited to pivot into internal networks. These weaknesses highlight the risks inherent in complex, interconnected enterprise ecosystems where management planes are often targeted. The high volume of vulnerabilities underscores the necessity for rigorous patch management and strict access controls across HPE’s extensive product portfolio to mitigate potential systemic breaches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-43542 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-43541 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-43518 | Aruba Networks EdgeConnect 路径遍历漏洞 — Aruba EdgeConnect Enterprise Software | 4.9 | Medium | 2022-11-30 |
| CVE-2022-37926 | Aruba Networks EdgeConnect 跨站脚本漏洞 — Aruba EdgeConnect Enterprise Software | 5.5 | Medium | 2022-11-30 |
| CVE-2022-37925 | Aruba Networks EdgeConnect 跨站脚本漏洞 — Aruba EdgeConnect Enterprise Software | 6.1 | Medium | 2022-11-30 |
| CVE-2022-37924 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-37923 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-37922 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-37921 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-37920 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.2 | High | 2022-11-30 |
| CVE-2022-37919 | Aruba Networks EdgeConnect 安全漏洞 — Aruba EdgeConnect Enterprise Software | 7.5 | High | 2022-11-30 |
| CVE-2022-37932 | Hewlett Packard Enterprise OfficeConnect 授权问题漏洞 — Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches | 8.8 | High | 2022-11-30 |
| CVE-2021-46846 | Hewlett Packard Enterprise Integrated Lights-Out 跨站脚本漏洞 — HPE Integrated Lights-Out 5 | 6.4 | Medium | 2022-11-03 |
| CVE-2022-37928 | Hewlett Packard Enterprise OneView 数据伪造问题漏洞 — HPE Nimble Storage Hybrid Flash Arrays; Nimble Storage Secondary Flash Arrays | 8.0 | High | 2022-11-03 |
| CVE-2022-37930 | Hewlett Packard Enterprise Nimble Storage systems 安全漏洞 — HPE Nimble Storage Hybrid Flash Arrays; Nimble Storage Secondary Flash Arrays | 6.7 | Medium | 2022-11-03 |
| CVE-2022-37929 | Hewlett Packard Enterprise Nimble Storage systems 安全漏洞 — HPE Nimble Storage Hybrid Flash Arrays; Nimble Storage Secondary Flash Arrays | 6.7 | Medium | 2022-11-03 |
| CVE-2022-37927 | Hewlett Packard Enterprise OneView 输入验证错误漏洞 — HPE OneView Global Dashboard (OVGD) | 6.1 | Medium | 2022-11-03 |
| CVE-2019-5408 | HPE XP7 Command View Advanced Edition 权限许可和访问控制问题漏洞 — HP XP7 CVAE | 4.3 | - | 2019-08-09 |
| CVE-2019-5407 | HPE 3PAR StoreServ Management and Core Software Media 信息泄露漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 4.3 | - | 2019-08-09 |
| CVE-2019-5406 | HPE 3PAR StoreServ Management and Core Software Media 授权问题漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 8.3 | - | 2019-08-09 |
| CVE-2019-5405 | HPE 3PAR StoreServ Management and Core Software Media 授权问题漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 9.8 | - | 2019-08-09 |
| CVE-2019-5404 | HPE 3PAR StoreServ Management and Core Software Media 注入漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 8.8 | - | 2019-08-09 |
| CVE-2019-5403 | HPE 3PAR StoreServ Management and Core Software Media 跨站脚本漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 5.4 | - | 2019-08-09 |
| CVE-2019-5402 | HPE 3PAR StoreServ Management and Core Software Media 授权问题漏洞 — HPE 3PAR StoreServ Management and Core Software Media | 9.8 | - | 2019-08-09 |
| CVE-2019-5400 | HPE 3PAR Service Processor 授权问题漏洞 — HPE 3PAR Service Processor | 7.3 | - | 2019-08-09 |
| CVE-2019-5399 | HPE 3PAR Service Processor 授权问题漏洞 — HPE 3PAR Service Processor | 9.8 | - | 2019-08-09 |
| CVE-2019-5398 | HPE 3PAR Service Processor 跨站脚本漏洞 — HPE 3PAR Service Processor | 5.4 | - | 2019-08-09 |
| CVE-2019-5397 | HPE 3PAR Service Processor 跨站脚本漏洞 — HPE 3PAR Service Processor | 9.4 | - | 2019-08-09 |
| CVE-2019-5396 | HPE 3PAR Service Processor 授权问题漏洞 — HPE 3PAR Service Processor | 9.8 | - | 2019-08-09 |
| CVE-2019-5395 | HPE 3PAR Service Processor 代码问题漏洞 — HPE 3PAR Service Processor | 8.8 | - | 2019-08-09 |
This page lists every published CVE security advisory associated with Hewlett Packard Enterprise (HPE). Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.