9.8

CVE-2022-37932

EPSS 72.12%
Veröffentlicht 12.12.2022 13:15:14
Zuletzt bearbeitet 21.11.2024 07:15:24
Quelle security-alert@hpe.com
Teams Watchlist Login
Unerledigt Login

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hpe ≫ Officeconnect 1820 J9979a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9979a Version-

Hpe ≫ Officeconnect 1820 J9982a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9982a Version-

Hpe ≫ Officeconnect 1820 J9980a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9980a Version-

Hpe ≫ Officeconnect 1820 J9983a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9983a Version-

Hpe ≫ Officeconnect 1820 J9981a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9981a Version-

Hpe ≫ Officeconnect 1820 J9984a Firmware Version < pt.02.14

Hpe ≫ Officeconnect 1820 J9984a Version-

Hpe ≫ Officeconnect 1850 24g 2xgt Poe+ Firmware Version < pc.01.22

Hpe ≫ Officeconnect 1850 24g 2xgt Poe+ Version-

Hpe ≫ Officeconnect 1850 24g 2xgt Firmware Version < pc.01.22

Hpe ≫ Officeconnect 1850 24g 2xgt Version-

Hpe ≫ Officeconnect 1850 48g 4xgt Poe+ Firmware Version < pc.01.22

Hpe ≫ Officeconnect 1850 48g 4xgt Poe+ Version-

Hpe ≫ Officeconnect 1850 48g 4xgt Firmware Version < pc.01.22

Hpe ≫ Officeconnect 1850 48g 4xgt Version-

Hpe ≫ Officeconnect 1850 6xgt Firmware Version < po.01.21

Hpe ≫ Officeconnect 1850 6xgt Version-

Hpe ≫ Officeconnect 1850 2xgt/spf+ Firmware Version < po.01.21

Hpe ≫ Officeconnect 1850 2xgt/spf+ Version-

Hpe ≫ Officeconnect 1920s 24g 2sfp Poe+ Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 24g 2sfp Poe+ Version-

Hpe ≫ Officeconnect 1920s 24g 2sfp Ppoe+ Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 24g 2sfp Ppoe+ Version-

Hpe ≫ Officeconnect 1920s 24g 2sfp Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 24g 2sfp Version-

Hpe ≫ Officeconnect 1920s 48g 4sfp Ppoe+ Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 48g 4sfp Ppoe+ Version-

Hpe ≫ Officeconnect 1920s 48g 4sfp Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 48g 4sfp Version-

Hpe ≫ Officeconnect 1920s 8g Ppoe+ Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 8g Ppoe+ Version-

Hpe ≫ Officeconnect 1920s 8g Firmware Version < pd.02.22

Hpe ≫ Officeconnect 1920s 8g Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	72.12%	0.987

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security-alert@hpe.com	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-37932

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-37932

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-37932

EUVD