97 matches found
CVE-2024-51769
CVE-2024-51769 describes an information-disclosure vulnerability in Hewlett Packard Enterprise AutoPass License Server (APLS) prior to version 9.17. The root cause, per the ZDI advisory, is a lack of proper validation of a user-supplied string used to construct SQL queries within the web service ...
CVE-2024-51768
An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...
CVE-2024-51768
An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...
CVE-2024-51768
An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...
CVE-2024-51768
The CVE-2024-51768 entry concerns Hewlett Packard Enterprise AutoPass License Server (APLS) prior to 9.17, where the hsqldb component is the root cause. Public advisories describe an RCE via the hsqldb service, which listens on TCP port 9001; an attacker with network access can potentially execut...
CVE-2024-51767
An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...
CVE-2024-51767
Hewlett Packard Enterprise AutoPass License Server (APLS) before version 9.17 contains an authentication bypass in the web service listening on port 5814. The flaw arises from an authorization decision based on a non-canonical URL, enabling remote network attackers to bypass authentication withou...
CVE-2024-51767
An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...
HPE AutoPass License Server 安全漏洞
HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an information disclosure...
HPE AutoPass License Server 安全漏洞
HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17, which stems from an hsqldb-related vulnerability that could lead to remote code execution...
HPE AutoPass License Server 安全漏洞
HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an information disclosure...
HPE AutoPass License Server 安全漏洞
HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an authentication bypass...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server arises from incorrect restrictions on XML links to external objects. This allows a perpetrator to access confidential information.
The vulnerability of the software for managing HPE AutoPass License Server product licenses is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker to access confidential information...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in insufficient validation of input data, allowing a perpetrator to execute arbitrary code.
The vulnerability of the software for managing HPE AutoPass License Server products is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the authentication procedures’ deficiencies, which allow a perpetrator to bypass the authentication process.
The vulnerability of the software for managing HPE AutoPass License Server products is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the lack of protective measures for the SQL query structure, allowing attackers to access confidential information.
The vulnerability of the software for managing HPE AutoPass License Server products is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to access confidential information...
Hewlett Packard Enterprise AutoPass License Server XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...
Hewlett Packard Enterprise AutoPass License Server hsqldb Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific fl...
Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by...
Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...