CNNVD-202506-3285 Information

Jun 26, 2025 cve

CNNVD ID

CNNVD-202506-3285

CVE-2025-37101

  • CNNVD Published: 2025-06-26

Description (Chinese)

Hewlett Packard Enterprise OneView for VMware vCenter是美国慧与(Hewlett Packard Enterprise)公司的一款用于管理HPE ProLiant服务器和存储系统的VMware vCenter服务器管理软件插件。 Hewlett Packard Enterprise OneView for VMware vCenter存在安全漏洞,该漏洞源于具有只读权限的攻击者可利用垂直权限提升漏洞执行管理员操作。

Description (English)

Hewlett Packard Enterprise OneView for VMware vCenter is a VMware vCenter server management plugin for Hewlett Packard Enterprise to manage HPE ProLiant servers and storage systems. Hewlett Packard Enterprise OneView for VMware vCenter has a security loophole, which stems from the fact that an attacker with read-only privileges can use the vertical permission to enhance the bug for the administrator.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

慧与科技

Published

2025-06-26

Last Modified

2026-02-24

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04876en_us&docLocale=en_US

Patch

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04876en_us&docLocale=en_US

Share on: