Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-37934

A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.

Published

2023-01-05T07:15:10.257

Last Modified

2025-04-10T16:15:20.107

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-22
Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hp	officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmware	< pt.02.17	Yes
Hardware	hp	officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a	-	No
Operating System	hp	officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmware	< pt.02.17	Yes
Hardware	hp	officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a	-	No
Operating System	hp	officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmware	< pt.02.17	Yes
Hardware	hp	officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a	-	No
Operating System	hp	officeconnect_1820_8g_switch_j9979a_firmware	< pt.02.17	Yes
Hardware	hp	officeconnect_1820_8g_switch_j9979a	-	No
Operating System	hpe	officeconnect_1850_24g_2xgt_firmware	< pc.01.23	Yes
Hardware	hpe	officeconnect_1850_24g_2xgt	-	No
Operating System	hpe	officeconnect_1850_24g_2xgt_poe\+_firmware	< pc.01.23	Yes
Hardware	hpe	officeconnect_1850_24g_2xgt_poe\+	-	No
Operating System	hpe	officeconnect_1850_2xgt\/spf\+_firmware	< po.01.22	Yes
Hardware	hpe	officeconnect_1850_2xgt\/spf\+	-	No
Operating System	hpe	officeconnect_1850_48g_4xgt_firmware	< pc.01.23	Yes
Hardware	hpe	officeconnect_1850_48g_4xgt	-	No
Operating System	hpe	officeconnect_1850_48g_4xgt_poe\+_firmware	< pc.01.23	Yes
Hardware	hpe	officeconnect_1850_48g_4xgt_poe\+	-	No
Operating System	hpe	officeconnect_1850_6xgt_firmware	< pc.01.23	Yes
Hardware	hpe	officeconnect_1850_6xgt	-	No

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04401en_us Vendor Advisory ([email protected])
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04401en_us Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)