CVE-2022-37932
CVE-2022-37932
In short
A flaw in HPE OfficeConnect switches allows attackers to bypass authentication from the network, potentially gaining unauthorized access to the device without valid credentials.
Technical detail
Remote authentication bypass vulnerability in HPE OfficeConnect 1820, 1850, and 1920S switches affects versions before PT.02.14, PC.01.22, PO.01.21, and PD.02.22. Exploitation requires network connectivity to the affected switch and bypasses credential verification mechanisms, potentially granting administrative access.
Summary generated and translated by AI from the official description.
A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hewlett Packard Enterprise (HPE) · Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switchesWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →