Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » HPE releases security patch for Storeonce error, which allows by -by -distance authentication
Global Security

HPE releases security patch for Storeonce error, which allows by -by -distance authentication

AdminBy AdminJune 4, 2025No Comments2 Mins Read
HPE Issues Security Patch
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


04 June 2025Hacker NewsVulnerability / devops

HPE releases security patch

The Hewlett Packard Enterprise (HPE) has released security updates to solve as much as eight vulnerabilities in its reserve and deduction STORONCE data solution, which could lead to authentication and deleted code.

“These vulnerabilities can be deleted to allow the remote code, disclosure, the forgery of the server request, authentication patency, arbitrary deletion of files and vulnerability to the catalogs of information,” HPE, “HPE” – Note In advisory.

This includes a critical security deficiency, tracked as the CVE-2025-37093, which is estimated by 9.8 in the CVS count. This has been described as an authentication error that affects all versions of the software up to 4.3.11. The vulnerability, together with the rest, reported the supplier on October 31, 2024.

Cybersecurity

According to the Zero Day (ZDI) initiative, which counted an anonymous researcher for detecting and shortcoming report, the problem was implemented in the implementation of the Machinaccountcheck method.

“The problem arises as a result of incorrect implementation of authentication algorithm,” Zdi – Note. “The attacker can use this vulnerability to bypass the authentication in the system.”

Successful operation of the CVE-2025-37093 can allow remote attacker to bypass the authentication at the affected institutions. What makes the vulnerability more serious, this is what it can be paved with the rest of the shortcomings to achieve the code, disclosure and Arbitrary removal of files In the context of the root –

  • Cve-2025-37089-performance remote code
  • Cve-2025-37090-tip on the server side
  • Cve-2025-37091-performance remote code
  • Cve-2025-37092-performing remote code
  • Cve-2025-37093-baip authentication
  • Cve-2025-37094-catalog arbitrary file deletion files
  • Cve-2025-37095-disclosure of information about the transition to the catalog
  • Cve-2025-37096-performance of remote code
Cybersecurity

Disclosure occurs when HPE also ships patches to resolve multiple disadvantages of critical situation HPE TELCO SERVICE Orchestrator (Cve-2025-31651CVSS’s assessment: 9.8) and Oneview (Cve-2024-38475. Cve-2024-38476.

While there is no active operation, it is important that users apply the latest updates to optimal protection.

Found this article interesting? This article is a contribution to one of our esteemed partners. Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025

Researchers in detail in detail decisively developing tactics as it expands its geographical volume

June 5, 2025

Iran related

June 5, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.