Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.HP_DEVICE_MANAGER_RMI_UNAUTHENTICATED.NBIN
HistoryOct 09, 2020 - 12:00 a.m.

HP Device Manager Unauthenticated 'HPDM Server RMI' SQLi (CVE-2020-6926) (remote)

2020-10-0900:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
58
JSON

The HP Device Manager Server RMI object ‘HPDM Server RMI’ listening on the remote Windows host does not enforce client certificate validation. It is, therefore, affected by an unauthenticated RMI object call vulnerability that can allow an unauthenticated remote attacker to inject HQL that injects SQL that will run on the bundled PostgreSQL database.

Binary data hp_device_manager_rmi_unauthenticated.nbin
VendorProductVersionCPE
hphp_device_managerx-cpe:/a:hp:hp_device_manager

Related

cve 1
nessus 1
attackerkb 1
hp 1
rapid7blog 1
cve
cve
CVE-2020-6926
2022-02-25 11:32:11
nessus
nessus
HP Device Manager 4.x < 4.7 SP 13 / 5.x < 5.0.4 Multiple Vulnerabilities
2020-10-07 00:00:00
attackerkb
attackerkb
Multiple vulnerabilities in HP Device Manager
2020-10-06 00:00:00
hp
hp
HPSBHF03689 rev. 2 - HP Device Manager Weak Cipher Implementation, Remote Method Invocation, and Elevation of Privilege
2020-09-25 00:00:00
rapid7blog
rapid7blog
HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know
2020-10-02 17:06:15
JSON
Related for HP_DEVICE_MANAGER_RMI_UNAUTHENTICATED.NBIN
cve1nessus1attackerkb1hp1rapid7blog1