Hewlett Packard Enterprise's (HPE) OneView, a software designed to streamline the management of data center infrastructure, has been identified to contain three critical security vulnerabilities. These vulnerabilities could potentially be exploited to bypass authentication, disclose sensitive information, or launch a denial of service attack.
The first vulnerability, known as Remote Authentication Bypass Vulnerability (CVE-2023-30908), has a CVSS score of 9.8, indicating its severity. It permits an attacker to sidestep authentication procedures and gain unauthorized access to HPE OneView. This vulnerability is due to a flaw in the way HPE OneView processes user credentials. Exploitation of this vulnerability involves an attacker sending a specifically designed request to the HPE OneView server. This vulnerability was brought to light by Sina Kheirkhah (@SinSinology) of the Summoning Team (@SummoningTeam) in partnership with Trend Micro Zero Day Initiative.
The second vulnerability, OpenSSL Information Disclosure Vulnerability (CVE-2022-4304), could enable a remote attacker to access sensitive data like encryption keys and passwords. The flaw lies in how OpenSSL processes RSA decryption. An attacker can exploit this vulnerability by sending a specifically crafted request to the HPE OneView server.
The third vulnerability, OpenSSL Denial of Service Vulnerability (CVE-2022-4304), could potentially allow a remote attacker to instigate a denial of service (DoS) attack against HPE OneView. This vulnerability arises from the way OpenSSL handles the OBJ_obj2txt() function. An attacker can exploit this vulnerability by sending a specifically crafted request to the HPE OneView server.
HPE has acknowledged these vulnerabilities and released patches for the affected versions of HPE OneView. It is strongly recommended for users to apply these patches promptly to safeguard their systems from these vulnerabilities.