BugZero | Hewlett Packard Enterprise BugID a00147462en_us - HPE OneView Global Dashboard

BugZero | Hewlett Packard Enterprise BugID a00147462en_us - HPE OneView Global Dashboard - Security Scanner Ut...

Hewlett Packard Enterprise - Defect ID: a00147462en_us

HPE OneView Global Dashboard - Security Scanner Utilities May Detect Weak Ciphers as Vulnerabilities in HPE OneView Global Dashboard 2.81 or Earlier

Hewlett Packard Enterprise - Defect ID: a00147462en_us

HPE OneView Global Dashboard - Security Scanner Utilities May Detect Weak Ciphers as Vulnerabilities in HPE OneView Global Dashboard 2.81 or Earlier

Last updated on April 11th, 2025

BugZero Risk Score
7.6 High

Overall: 7.6

Severity: 8.2

Community: 5.5

What is the BugZero Risk Score?

Hewlett Packard Enterprise Integration

Learn more about where this data comes from

Hewlett Packard Enterprise Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: High

Description

Summary

Some security scanner utilities may detect weak ciphers vulnerabilities with TLS 1.2 ECDHE-RSA-AES256-GCM-SHA384 when running against HPE OneView Global Dashboard 2.81 or earlier.The following may be reported by scanner utilities as weak ciphers vulnerability:TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE sect193r1 193 yes 96 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE sect193r2 193 yes 96 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp192k1 192 yes 96 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp192r1 192 yes 96 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE sect163k1 163 yes 81 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE sect163r1 163 yes 81 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE sect163r2 163 yes 81 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp160k1 160 yes 80 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp160r1 160 yes 80 lowTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 ECDHE secp160r2 160 yes 80 low

Scope

HPE OneView Global Dashboard version 2.81 or earlier.

Resolution

To resolve the issue, download and install or update to HPE OneView Global Dashboard version 2.90 or later.

Affected OS

Operating Systems Affected:OS Independent

Change history

2025-04-11 Added: HPE OneView Global Dashboard

Top Hewlett Packard Enterprise Defects

8.3Defect ID: a00156336en_us
HPE NVMe E3.S SSDs - Certain SSDs From Certain Option Kits May Fail After Being Updated to Drive Firmware Version HPK3
8.0Defect ID: a00156823en_us
HPE NVMe E3.S SSDs - HPE Synergy Service Pack (SSP) 2025.10.01 and SSP 2026.01.01 Releases May Cause SSDs Issues and Will be Re-Released
8.0Defect ID: a00156058en_us
HPE NVMe SSDs - Direct-Attached NVMe Drives Using a UBM6 Backplane May Randomly Disappear as "Removed" and Reappear as "Inserted" in the HPE Integrated Management Log
8.0Defect ID: a00144835en_us
HPE Multiple Platform Servers - Detecting Uncorrectable Memory Errors with 4th Gen and 5th Gen Intel Processors When Using Single And Multi-Ranked DIMMs and With Package C6 Enabled
7.7Defect ID: a00133193en_us
VMware - PSOD May Be Experienced On HPE ProLiant XL645d Gen10 Plus / HPE ProLiant Compute DL380a Gen12 Servers Running VMware ESXi 8.0 / 9.0 When a VM Is Started With an NVIDIA GPU Configured as a PCI Pass-Through Device

Ready to prevent the next vendor outage?

Get a demo

Hewlett Packard Enterprise - Defect ID: a00147462en_us

HPE OneView Global Dashboard - Security Scanner Utilities May Detect Weak Ciphers as Vulnerabilities in HPE OneView Global Dashboard 2.81 or Earlier

Hewlett Packard Enterprise - Defect ID: a00147462en_us

HPE OneView Global Dashboard - Security Scanner Utilities May Detect Weak Ciphers as Vulnerabilities in HPE OneView Global Dashboard 2.81 or Earlier

Last updated on April 11th, 2025

BugZero Risk Score7.6 High

Bug Details

Summary

Scope

Resolution

Affected OS

Links

Top Hewlett Packard Enterprise Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
7.6 High