- How many CVEs does Hewlett Packard Enterprise have?
- Hewlett Packard Enterprise has 895 published CVE records since 2002, including 170 in the last two years.
- How many Hewlett Packard Enterprise CVEs are in CISA KEV?
- Yes — 2 of Hewlett Packard Enterprise's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Hewlett Packard Enterprise products have the most CVEs?
- The Hewlett Packard Enterprise products with the most published CVEs are intelligent Management Center (iMC) PLAT, Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central, Aruba ClearPass Policy Manager, ArubaOS (AOS), HPE Aruba Networking Wireless Operating System (AOS).
- What are the most common weakness types in Hewlett Packard Enterprise CVEs?
- Hewlett Packard Enterprise's CVEs most often map to these CWE weakness types: CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')).
- Are there public exploits for Hewlett Packard Enterprise vulnerabilities?
- Yes — 30 of Hewlett Packard Enterprise's CVEs have a known public exploit.
- How many critical Hewlett Packard Enterprise vulnerabilities are there?
- Hewlett Packard Enterprise has 152 critical and 470 high-severity CVEs.
- What is the average severity of Hewlett Packard Enterprise CVEs?
- The average CVSS base score across Hewlett Packard Enterprise's scored CVEs is 7.6.