By Howard Solomon
Publication Date: 2025-12-19 06:22:00
A maximum severity remote code execution vulnerability in Hewlett Packard Enterprise’s (HPE) OneView network and systems management suite is “bad” and should be fixed immediately, a cybersecurity expert says.
“Vendors often downplay the severity of a vulnerability,” he says. Curtis Dukesexecutive vice president of security best practices at the Center for Internet Security, “but HPE didn’t do it; it’s a 10.”
The vulnerability is executable remotely by an unauthenticated user, he added, and affects all recent versions of the suite. On top of that, he noted, OneView is a central manager of IT infrastructure in organizations.
