A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions).
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.