HPE OneView: Critical vulnerability allows code smuggling from the network

In HPE's OneView, malicious actors can inject malicious code from the network without authentication. An update is available.
TechRadar

HPE tells customers to patch OneView immediately as top-level security flaw spotted

HPE patches critical RCE flaw (CVE‑2025‑37164) in OneView, severity 10/10 Exploitation could allow attackers to reconfigure servers, deploy malware, or create persistent backdoors Users must upgrade ...
Network World

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
Ars Technica

HPE OneView and updating firmware

I've got a small amount of HPE equipment which needs regular firmware updates, and I've been looking at the HPE OneView appliance to do this. I'm a bit confused though - do I need a separate install ...
Network World

HP expands OneView into VMware environs

Hewlett-Packard is expanding the scope of its OneView infrastructure management console, releasing a OneView plug-in that should help system administrators more efficiently manage their VMware vCenter ...
Datacenter Dynamics

HPE eyes composable future, announces OneView 3.0

At its annual Discover conference in Las Vegas, Hewlett Packard Enterprise has announced the upcoming release of infrastructure management application OneView 3.0, which applies software-defined ...
PC World

HP expands OneView into VMware environs

Hewlett-Packard is expanding the scope of its OneView infrastructure management console, releasing a OneView plug-in that should help system administrators more efficiently manage their VMware vCenter ...