A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04401en_us | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
History
07 Nov 2023, 03:49
Type | Values Removed | Values Added |
---|---|---|
Summary | A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below. |
12 Jan 2023, 13:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hpe officeconnect 1850 48g 4xgt Poe\+
Hpe officeconnect 1850 24g 2xgt Hpe Hpe officeconnect 1850 2xgt\/spf\+ Hp officeconnect 1820 8g Switch J9979a Firmware Hp officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a Hpe officeconnect 1850 6xgt Firmware Hpe officeconnect 1850 48g 4xgt Firmware Hpe officeconnect 1850 48g 4xgt Poe\+ Firmware Hpe officeconnect 1850 48g 4xgt Hp officeconnect 1820 8g Switch J9979a Hp officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a Hpe officeconnect 1850 2xgt\/spf\+ Firmware Hp officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Firmware Hp officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Hpe officeconnect 1850 24g 2xgt Poe\+ Firmware Hpe officeconnect 1850 24g 2xgt Poe\+ Hp officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a Firmware Hp officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a Firmware Hpe officeconnect 1850 24g 2xgt Firmware Hpe officeconnect 1850 6xgt Hp |
|
CPE | cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt_poe\+:-:*:*:*:*:*:*:* cpe:2.3:h:hp:officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a:-:*:*:*:*:*:*:* cpe:2.3:h:hp:officeconnect_1820_8g_switch_j9979a:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_poe\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt:-:*:*:*:*:*:*:* cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt_poe\+:-:*:*:*:*:*:*:* cpe:2.3:o:hp:officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:officeconnect_1850_6xgt:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_poe\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_2xgt\/spf\+_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hp:officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hpe:officeconnect_1850_2xgt\/spf\+:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_6xgt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hp:officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hp:officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a:-:*:*:*:*:*:*:* cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:hp:officeconnect_1820_8g_switch_j9979a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:hp:officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a:-:*:*:*:*:*:*:* |
|
References | (MISC) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04401en_us - Vendor Advisory | |
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
05 Jan 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-05 07:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-37934
Mitre link : CVE-2022-37934
CVE.ORG link : CVE-2022-37934
JSON object : View
Products Affected
hp
- officeconnect_1820_8g_switch_j9979a
- officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmware
- officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a
- officeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmware
- officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmware
- officeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a
- officeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a
- officeconnect_1820_8g_switch_j9979a_firmware
hpe
- officeconnect_1850_48g_4xgt_poe\+_firmware
- officeconnect_1850_6xgt_firmware
- officeconnect_1850_48g_4xgt
- officeconnect_1850_2xgt\/spf\+
- officeconnect_1850_24g_2xgt_firmware
- officeconnect_1850_2xgt\/spf\+_firmware
- officeconnect_1850_48g_4xgt_poe\+
- officeconnect_1850_24g_2xgt_poe\+
- officeconnect_1850_6xgt
- officeconnect_1850_24g_2xgt_poe\+_firmware
- officeconnect_1850_24g_2xgt
- officeconnect_1850_48g_4xgt_firmware
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')