Platform
hpe
Component
hpe-oneview-for-vmware-vcenter
Fixed in
11.7
A security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC) that could allow an attacker to escalate privileges. The flaw lets a user who holds only read-only access perform administrative actions, bypassing the product's role-based access controls. It affects versions of HPE OneView for VMware vCenter prior to 11.7; version 11.7 contains the fix.
The impact of CVE-2025-37101 is significant because it is a vertical privilege escalation: an attacker who holds, or has compromised, a read-only account can use it to act as an administrator. That access is enough to modify system configuration, read sensitive data, and potentially compromise the managed environment. Because the administrative actions are issued from an account that is supposed to be limited to viewing, the normal access-control boundary does not apply, and any audit trail that keys on role rather than on the action performed will not flag the activity.
This CVE was published on 2025-06-26. Its severity is rated HIGH (CVSS 8.7). There is no indication that it is listed in the CISA KEV catalog at this time. No public proof-of-concept (PoC) exploit is currently known, but privilege-escalation flaws of this kind are typically straightforward to exploit once the broken authorization check is understood, so the absence of a PoC should not be read as low risk.
Organizations running HPE OneView for VMware vCenter are at risk wherever read-only accounts are handed out freely, for example to monitoring integrations, help-desk staff or auditors. Deployments in which several teams or tenants share one OneView instance are particularly exposed: compromise of any one party's read-only credential could be turned into administrative control over infrastructure managed for everyone.
The following checks are generic host- and network-level sanity checks rather than detections specific to this CVE; the PowerShell lines assume a Windows host running OneView components, and the placeholder <oneview_server> must be replaced with your instance.
• hpe / server:
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624 } | Where-Object { $_.Message -match 'OneView' -and $_.Message -match 'Read-Only' }
• hpe / server:
Get-Process | Where-Object { $_.ProcessName -match 'OneView' }
• generic web:
curl -sI https://<oneview_server>/admin/ | grep -i 'Server: HPE OneView'   # Check for admin endpoint exposure
Disclosure
Exploit status
EPSS
0.05% (17th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-37101 is to upgrade HPE OneView for VMware vCenter to version 11.7 or later, which contains the fix. If an immediate upgrade is not feasible, reduce exposure by limiting who holds read-only accounts: review existing user and service-account assignments, remove accounts that are no longer needed, and enforce least privilege on the rest. Monitor the product's audit logs for administrative actions performed by principals that should only be able to read, and for repeated denied actions from the same account, since both indicate an escalation attempt. A WAF rule that targets this flaw directly is unlikely to be practical, because the requests look like legitimate administrative calls; restricting network access to the management interface to known administrator hosts is a more effective compensating control.
Update HPE OneView for VMware vCenter to version 11.7 or later. This update fixes the privilege escalation vulnerability.
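As an added example, not code from HPE or from this page, the script below implements the two checks the mitigation guidance calls for: deciding whether an installed OV4VC build predates the 11.7 fix, and sweeping an audit log for administrative actions taken by read-only principals. The audit-log format (JSON lines with ts, user, action and result fields), the role table and the list of administrative action names are constructed for illustration and must be mapped to the real OV4VC audit fields and role names in your deployment.

```python
"""Added example (not HPE's code): version check for CVE-2025-37101 and a
read-only-principal audit sweep. Log format, role names and action names
are constructed assumptions, not OV4VC's real schema."""
import json
from dataclasses import dataclass

# First version that contains the fix, per the advisory.
FIXED_VERSION = (11, 7)

# Actions a read-only role must never be able to complete.
# Constructed list; replace with the action names your OV4VC build logs.
ADMIN_ACTIONS = {
    "server.power",
    "profile.create",
    "profile.delete",
    "firmware.update",
    "user.create",
    "user.role.change",
}

# Identity -> assigned role, as exported from the role assignments
# (constructed sample data).
ROLE_TABLE = {
    "alice": "Administrator",
    "bob": "ReadOnly",
    "svc-monitor": "ReadOnly",
}


def parse_version(version: str) -> tuple:
    """'11.6.2' -> (11, 6, 2). Trailing components are optional."""
    return tuple(int(p) for p in version.strip().split("."))


def is_affected(version: str) -> bool:
    """True when the major.minor of the build is below the 11.7 fix."""
    return parse_version(version)[:2] < FIXED_VERSION


@dataclass
class Finding:
    timestamp: str
    user: str
    role: str
    action: str
    severity: str  # "confirmed" if the action succeeded, "attempted" if denied


def find_role_violations(log_lines, role_table=ROLE_TABLE,
                         admin_actions=ADMIN_ACTIONS):
    """Return a Finding for every audit record in which a ReadOnly principal
    tried an administrative action. A successful record is the vulnerability
    being exploited (or a misassigned role); a denied record is the access
    control working, but still worth alerting on as an escalation attempt."""
    findings = []
    for line in log_lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the sweep
        user = rec.get("user", "")
        action = rec.get("action", "")
        role = role_table.get(user, "Unknown")
        if role != "ReadOnly" or action not in admin_actions:
            continue
        severity = "confirmed" if rec.get("result") == "success" else "attempted"
        findings.append(Finding(rec.get("ts", ""), user, role, action, severity))
    return findings


# Constructed sample audit log; not real OV4VC output.
SAMPLE_LOG = """
{"ts": "2025-06-26T10:00:01Z", "user": "alice", "action": "profile.create", "result": "success"}
{"ts": "2025-06-26T10:02:14Z", "user": "bob", "action": "server.view", "result": "success"}
{"ts": "2025-06-26T10:03:40Z", "user": "bob", "action": "server.power", "result": "denied"}
{"ts": "2025-06-26T10:05:09Z", "user": "bob", "action": "user.role.change", "result": "success"}
{"ts": "2025-06-26T10:06:33Z", "user": "svc-monitor", "action": "firmware.update", "result": "success"}
this line is not JSON and is skipped
""".splitlines()


if __name__ == "__main__":
    for v in ("11.6.2", "11.7", "11.7.1"):
        print(f"{v}: {'affected' if is_affected(v) else 'fixed'}")
    for f in find_role_violations(SAMPLE_LOG):
        print(f"ALERT [{f.severity}] {f.timestamp} {f.user} ({f.role}) -> {f.action}")
```

The sweep keys on the action performed rather than on the caller's role, which is the property this vulnerability breaks: a log filter that trusts the recorded role would show bob's user.role.change as an ordinary administrative event. Run it against exported audit records after patching as well, to catch role assignments that were changed while the flaw was exploitable.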
CVE-2025-37101 is a HIGH severity vulnerability in HPE OneView for VMware vCenter that allows an attacker with read-only access to perform administrative actions.
You are affected if you are running HPE OneView for VMware vCenter at any version prior to 11.7. Upgrade to 11.7 or later to remediate the issue.
Upgrade HPE OneView for VMware vCenter to version 11.7 or later. As an interim measure, restrict read-only accounts to the minimum set of users and integrations that need them, and limit network access to the management interface.
There is currently no public evidence of active exploitation, but the flaw is a straightforward authorization bypass and should be treated as exploitable.
Refer to the official HPE security advisory for detailed information and remediation steps: [https://support.hpe.com/hpesc/public/showSecurityAdvisoryDetail.jsp?advisoryNumber=c00372776]