On 8 March 2022, HPE published Security Advisories to address vulnerabilities in the following products:
- HPE Alletra 6000 Witness OVA – versions 6.0.0.0, 5.3.x and 5.2.1.0
- HPE Nimble Storage – versions 6.0.0.0, 5.3.x and 5.2.1.0
- HPE B-Series SANnav – 2.2.0, 2.1.1, 2.1.0 and 2.0.0
- HPE Virtualized Converged NonStop – multiple versions
Exploitation of these vulnerabilities could lead to elevation of privilege or code execution.
The Canadian Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.
HPE Security Bulletin (hpesbst04258en_us)
HPE Security Bulletin (hpesbst04261en_us)
HPE Security Bulletin (hpesbns04260en_us)
