nvd-json-data-feeds/CVE-2022/CVE-2022-379xx/CVE-2022-37933.json

{
  "id": "CVE-2022-37933",
  "sourceIdentifier": "security-alert@hpe.com",
  "published": "2023-01-05T07:15:09.997",
  "lastModified": "2023-11-07T03:49:56.800",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.\n\n"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      },
      {
        "source": "eb103674-0d28-4225-80f8-39fb86215de0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 5.3
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:hpe:superdome_flex_280_firmware:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "1.40.60",
              "matchCriteriaId": "39095A62-D90B-427B-84D6-74CCD20E024A"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:hpe:superdome_flex_280:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F53FBDD9-3730-40BC-AF98-A5E89EC9FA18"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:hpe:superdome_flex_firmware:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "3.60.50",
              "matchCriteriaId": "21B960C7-35E5-4D54-82CC-BD9D4C6074E6"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:hpe:superdome_flex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCD5CF2-7FF2-4BBA-96B1-6E8F45F8A7D8"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us",
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-37933",`
			`"sourceIdentifier": "security-alert@hpe.com",`
			`"published": "2023-01-05T07:15:09.997",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"lastModified": "2023-11-07T03:49:56.800",`
			`"vulnStatus": "Modified",`
bootstrap 2023-04-24 12:24:31 +02:00			`"descriptions": [`
			`{`
			`"lang": "en",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"value": "A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below.\n\n"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"source": "eb103674-0d28-4225-80f8-39fb86215de0",`
bootstrap 2023-04-24 12:24:31 +02:00			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "HIGH",`
			`"userInteraction": "NONE",`
			`"scope": "CHANGED",`
			`"confidentialityImpact": "LOW",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "LOW",`
			`"baseScore": 7.3,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.5,`
			`"impactScore": 5.3`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"value": "CWE-74"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:hpe:superdome_flex_280_firmware::::::::",`
			`"versionEndExcluding": "1.40.60",`
			`"matchCriteriaId": "39095A62-D90B-427B-84D6-74CCD20E024A"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:hpe:superdome_flex_280:-:::::::*",`
			`"matchCriteriaId": "F53FBDD9-3730-40BC-AF98-A5E89EC9FA18"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:hpe:superdome_flex_firmware::::::::",`
			`"versionEndExcluding": "3.60.50",`
			`"matchCriteriaId": "21B960C7-35E5-4D54-82CC-BD9D4C6074E6"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:hpe:superdome_flex:-:::::::*",`
			`"matchCriteriaId": "3CCD5CF2-7FF2-4BBA-96B1-6E8F45F8A7D8"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us",`
			`"source": "security-alert@hpe.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`