CVE-2024-42508

CVE-2024-42508

Vendor Hewlett Packard Enterprise (Hpe)

Product HPE OneView

Weakness CWE-200 · Info exposure

Published October 18, 2024

Last update March 17, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.

Key dates

02Disclosure timeline

October 18, 2024 CVE published

March 17, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-42508 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2025-55165 Autocaliweb Exposure of Sensitive Information to an Unauthorized Actor in `config_sql.py` CVE-2026-41278 Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs CVE-2024-42339 CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CVE-2023-50968 Apache OFBiz: Arbitrary file properties reading and SSRF attack CVE-2024-6398