Code Injection in HPE OneView - CVE-2023-30912
Published: November 8, 2023 / Updated: November 15, 2023
HPE OneView
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation within the Backup functionality. A remote administrator can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.