A significant security vulnerability has been disclosed in the Hewlett-Packard Enterprise OneView for VMware vCenter (OV4VC) platform that could allow attackers with limited access to escalate their privileges to administrative levels.
The vulnerability, tracked as CVE-2025-37101, affects all versions of the software prior to version 11.7 and carries a high CVSS severity score of 8.7, indicating a substantial risk to enterprise environments.
Summary
1. HPE OneView for VMware vCenter has a privilege escalation flaw (CVE-2025-37101) allowing read-only users to gain admin access.
2. The flaw affects all versions before v11.7, compromising system integrity and availability.
3. All HPE OneView deployments with Operations Manager and Log Insight are vulnerable to unauthorized access.
4. Immediately upgrade to v11.7 or later from My HPE Software Center to eliminate the security risk.
Vertical Privilege Escalation Flaw
The security flaw enables what cybersecurity experts term “Vertical Privilege Escalation,” where an attacker possessing only read-only privileges can exploit the vulnerability to perform administrative actions typically reserved for users with elevated permissions.
According to HPE’s Product Security Response Team, this vulnerability could be exploited by malicious actors who have already gained initial access to the system with limited privileges.
The vulnerability is classified under the Common Vulnerability Scoring System (CVSS) Version 3.1 with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H.
This notation indicates that the attack can be executed over a network (AV:N) with low complexity (AC:L), requires only low-level privileges (PR:L), involves user interaction (UI:R), and changes scope (S:C), meaning a successful attack reaches resources beyond the vulnerable component itself; it has no confidentiality impact (C:N) but high impact on both the integrity (I:H) and availability (A:H) of the affected systems.
The vulnerability specifically affects HPE OneView for VMware vCenter with the Operations Manager and Log Insight components, making it particularly concerning for enterprises relying on HPE's infrastructure management solutions.
The ability for operators to perform admin actions through privilege escalation presents significant security risks, potentially allowing unauthorized configuration changes, data access, or system disruption.
Enterprise security teams should be particularly concerned about this vulnerability given its 8.7 CVSS base score, which places it in the “High” severity category.
Risk Factors and Details
Affected Products: HPE OneView for VMware vCenter with Operations Manager and Log Insight – All versions prior to v11.7
Impact: Local Elevation of Privilege
Exploit Prerequisites:
- Network access to the system
- Low-level privileges (read-only access)
- User interaction required
- Low attack complexity
CVSS 3.1 Score: 8.7 (High)
Patch Available
HPE has released a comprehensive fix for this security issue through HPE OneView for VMware vCenter v11.7, which addresses the privilege escalation vulnerability.
Organizations currently running affected versions should prioritize updating to this latest release, available through the My HPE Software Center portal.
IT administrators should implement the patch immediately to prevent potential exploitation of this vulnerability in production environments.
Security experts recommend that organizations audit their current HPE OneView deployments and expedite the upgrade process, particularly in environments where multiple users have varying levels of system access.