Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hpHP Product Security Response TeamHPSBPI03856
HistoryJul 20, 2023 - 12:00 a.m.

HP Security Manager and Web Jetadmin - Potential remote code execution

2023-07-2000:00:00
HP Product Security Response Team
support.hp.com
3
hp
web jetadmin
remote code execution
microsoft sql server
vulnerability
security patches
installation security

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

JSON

HP Security Manager and Web Jetadmin may potentially be vulnerable to Remote Code Execution when using certain versions of Microsoft SQL Server Express.

For additional information regarding the potential vulnerability and Microsoft SQL security patches for existing installations, please visit the following web page:

Related

mskb 19
prion 2
nvd 2
mscve 2
kaspersky 2
cve 2
nessus 2
cvelist 2
attackerkb 1
rapid7blog 2
mskb
mskb
KB5014356 - Description of the security update for SQL Server 2019 GDR: June 14, 2022
2022-06-14 07:00:00
KB5014553 - Description of the security update for SQL Server 2017 CU29: June 14, 2022
2022-06-14 07:00:00
KB5014365 - Description of the security update for SQL Server 2016 SP2 GDR: June 14, 2022
2022-06-14 07:00:00
prion
prion
Remote code execution
2022-06-15 22:15:00
Privilege escalation
2021-01-12 20:15:00
nvd
nvd
CVE-2022-29143
2022-06-15 22:15:13
CVE-2021-1636
2021-01-12 20:15:30
mscve
mscve
Microsoft SQL Server Remote Code Execution Vulnerability
2022-06-14 07:00:00
Microsoft SQL Elevation of Privilege Vulnerability
2021-01-12 08:00:00
kaspersky
kaspersky
KLA12562 RCE vulnerability in Microsoft SQL Server
2022-06-14 00:00:00
KLA12043 PE vulnerability in Microsoft SQL Server
2021-01-12 00:00:00
cve
cve
CVE-2022-29143
2022-06-15 22:15:13
CVE-2021-1636
2021-01-12 20:15:30
nessus
nessus
Security Updates for Microsoft SQL Server (June 2022)
2022-06-17 00:00:00
Security Updates for Microsoft SQL Server (January 2021)
2021-01-15 00:00:00
cvelist
cvelist
CVE-2022-29143 Microsoft SQL Server Remote Code Execution Vulnerability
2022-06-15 21:51:15
CVE-2021-1636 Microsoft SQL Elevation of Privilege Vulnerability
2021-01-12 19:41:55
attackerkb
attackerkb
CVE-2021-1636
2021-01-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50
Patch Tuesday - January 2021
2021-01-12 23:59:00

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

JSON
Related for HPSBPI03856
mskb19prion2nvd2mscve2kaspersky2cve2nessus2cvelist2attackerkb1rapid7blog2