HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

By The Hacker News
Publication Date: 2025-12-18 14:39:00

December 18, 2025 | Ravie Lakshmanan | Vulnerability / Business Security

Hewlett Packard Enterprise (HPE) has resolved a high-severity security flaw in OneView software that, if successfully exploited, could result in remote code execution.

The critical vulnerability, assigned the CVE identifier CVE-2025-37164, has a CVSS score of 10.0. HPE OneView is IT infrastructure management software that streamlines IT operations and controls all systems through a centralized dashboard interface.

“A potential security vulnerability has been identified in Hewlett Packard Enterprise OneView software. This vulnerability could be exploited, allowing an unauthenticated remote user to perform remote code execution,” HPE said in a notice issued this week.

The flaw affects all versions of the software prior to version 11.00, which resolves the defect. The company also made available a hotfix that can be applied to OneView versions 5.20 through 10.20.

It is worth noting that the review should be…