CVE-2022-37932

Published: Dec 12, 2022Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

Affected (19)

Hpe

19 products

Officeconnect 1820 J9979a Firmware

Officeconnect 1820 J9982a Firmware

Officeconnect 1820 J9980a Firmware

Officeconnect 1820 J9983a Firmware

Officeconnect 1820 J9981a Firmware

Officeconnect 1820 J9984a Firmware

Officeconnect 1850 24g 2xgt Poe+ Firmware

Officeconnect 1850 24g 2xgt Firmware

Officeconnect 1850 48g 4xgt Poe+ Firmware

Officeconnect 1850 48g 4xgt Firmware

Officeconnect 1850 6xgt Firmware

Officeconnect 1850 2xgt/spf+ Firmware

Officeconnect 1920s 24g 2sfp Poe+ Firmware

Officeconnect 1920s 24g 2sfp Ppoe+ Firmware

Officeconnect 1920s 24g 2sfp Firmware

Officeconnect 1920s 48g 4sfp Ppoe+ Firmware

Officeconnect 1920s 48g 4sfp Firmware

Officeconnect 1920s 8g Ppoe+ Firmware

Officeconnect 1920s 8g Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9979a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9979a	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9982a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9982a	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9980a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9980a	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9983a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9983a	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9981a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9981a	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1820 J9984a Firmware	Before pt.02.14

Running on/with	Platform Versions
Hpe Officeconnect 1820 J9984a	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 24g 2xgt Poe+ Firmware	Before pc.01.22

Running on/with	Platform Versions
Hpe Officeconnect 1850 24g 2xgt Poe+	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 24g 2xgt Firmware	Before pc.01.22

Running on/with	Platform Versions
Hpe Officeconnect 1850 24g 2xgt	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 48g 4xgt Poe+ Firmware	Before pc.01.22

Running on/with	Platform Versions
Hpe Officeconnect 1850 48g 4xgt Poe+	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 48g 4xgt Firmware	Before pc.01.22

Running on/with	Platform Versions
Hpe Officeconnect 1850 48g 4xgt	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 6xgt Firmware	Before po.01.21

Running on/with	Platform Versions
Hpe Officeconnect 1850 6xgt	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1850 2xgt/spf+ Firmware	Before po.01.21

Running on/with	Platform Versions
Hpe Officeconnect 1850 2xgt/spf+	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 24g 2sfp Poe+ Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 24g 2sfp Poe+	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 24g 2sfp Ppoe+ Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 24g 2sfp Ppoe+	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 24g 2sfp Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 24g 2sfp	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 48g 4sfp Ppoe+ Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 48g 4sfp Ppoe+	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 48g 4sfp Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 48g 4sfp	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 8g Ppoe+ Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 8g Ppoe+	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hpe Officeconnect 1920s 8g Firmware	Before pd.02.22

Running on/with	Platform Versions
Hpe Officeconnect 1920s 8g	All versions

References (2)

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us

Source: security-alert@hpe.com

Vendor Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.