Network World

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
heise online

HPE OneView: Critical vulnerability allows code smuggling from the network

A critical security vulnerability has been discovered in HPE OneView, allowing attackers to inject and execute malicious code. As this is possible from the internet without prior authentication, the ...

HPE tells customers to patch OneView immediately as top-level security flaw spotted

HPE has patched a maximum-severity vulnerability in its OneView platform which could cause quite several problems to enterprises.