CVE-2022-37932 - OpenCVE

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Hpe	Officeconnect 1920s 8g Officeconnect 1920s 48g 4sfp Ppoe\+ Officeconnect 1850 24g 2xgt Officeconnect 1920s 48g 4sfp Firmware Officeconnect 1920s 24g 2sfp Ppoe\+ Firmware Officeconnect 1920s 8g Ppoe\+ Firmware Officeconnect 1920s 24g 2sfp Officeconnect 1920s 24g 2sfp Ppoe\+ Officeconnect 1850 48g 4xgt Poe\+ Firmware Officeconnect 1850 48g 4xgt Poe\+ Officeconnect 1820 J9981a Officeconnect 1850 24g 2xgt Poe\+ Firmware Officeconnect 1820 J9984a Officeconnect 1850 6xgt Officeconnect 1820 J9984a Firmware Officeconnect 1850 2xgt\/spf\+ Officeconnect 1850 6xgt Firmware Officeconnect 1920s 24g 2sfp Poe\+ Firmware Officeconnect 1820 J9980a Officeconnect 1920s 48g 4sfp Officeconnect 1920s 8g Firmware Officeconnect 1920s 24g 2sfp Firmware Officeconnect 1820 J9979a Officeconnect 1850 24g 2xgt Poe\+ Officeconnect 1850 48g 4xgt Officeconnect 1820 J9979a Firmware Officeconnect 1850 24g 2xgt Firmware Officeconnect 1820 J9980a Firmware Officeconnect 1820 J9983a Firmware Officeconnect 1920s 24g 2sfp Poe\+ Officeconnect 1920s 8g Ppoe\+ Officeconnect 1920s 48g 4sfp Ppoe\+ Firmware Officeconnect 1850 48g 4xgt Firmware Officeconnect 1820 J9982a Officeconnect 1820 J9982a Firmware Officeconnect 1820 J9981a Firmware Officeconnect 1820 J9983a Officeconnect 1850 2xgt\/spf\+ Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9979a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9979a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9982a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9982a:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9980a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9980a:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9983a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9983a:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9981a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9981a:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hpe:officeconnect_1820_j9984a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1820_j9984a:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_poe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt_poe\+:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_poe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt_poe\+:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_6xgt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_6xgt:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hpe:officeconnect_1850_2xgt\/spf\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1850_2xgt\/spf\+:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_poe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp_poe\+:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_ppoe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp_ppoe\+:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_48g_4sfp_ppoe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_48g_4sfp_ppoe\+:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_48g_4sfp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_48g_4sfp:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_8g_ppoe\+_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_8g_ppoe\+:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:hpe:officeconnect_1920s_8g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hpe:officeconnect_1920s_8g:-:*:*:*:*:*:*:*

References

Link	Resource
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hpe

Published: 2022-11-30T15:23:14.750Z

Updated: 2022-12-12T12:11:04.548862Z

Reserved: 2022-08-08T18:49:44.386Z

Link: CVE-2022-37932

JSON object: View

NVD Information

Status : Modified

Published: 2022-12-12T13:15:14.360

Modified: 2023-11-07T03:49:56.697

Link: CVE-2022-37932

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo