HPE OneView for VMware vCenter Vulnerability Allows Elevated Access

[Shane1145]

Hewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software.

The flaw, tracked as CVE-2025-37101, could allow attackers with only read-only privileges to escalate their access and perform administrative actions, putting enterprise IT environments at risk.

https://gbhackers.com/hpe-oneview-for-v ... erability/