Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-37933

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.

Published

2023-01-05T07:15:09.997

Last Modified

2025-04-10T16:15:19.937

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Primary
CWE-74
Type: Secondary
CWE-74

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hpe	superdome_flex_280_firmware	< 1.40.60	Yes
Hardware	hpe	superdome_flex_280	-	No
Operating System	hpe	superdome_flex_firmware	< 3.60.50	Yes
Hardware	hpe	superdome_flex	-	No

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us Vendor Advisory ([email protected])
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)