Lucene search
K

97 matches found

CVE
CVE
added 2025/07/14 10:29 a.m.20 views

CVE-2024-51769

CVE-2024-51769 describes an information-disclosure vulnerability in Hewlett Packard Enterprise AutoPass License Server (APLS) prior to version 9.17. The root cause, per the ZDI advisory, is a lack of proper validation of a user-supplied string used to construct SQL queries within the web service ...

7.5CVSS6AI score0.00363EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/14 10:26 a.m.6 views

CVE-2024-51768

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

0.00368EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/14 10:26 a.m.2 views

CVE-2024-51768

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

8CVSS7.8AI score0.00368EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/14 10:26 a.m.2 views

CVE-2024-51768

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

8AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2025/07/14 10:26 a.m.21 views

CVE-2024-51768

The CVE-2024-51768 entry concerns Hewlett Packard Enterprise AutoPass License Server (APLS) prior to 9.17, where the hsqldb component is the root cause. Public advisories describe an RCE via the hsqldb service, which listens on TCP port 9001; an attacker with network access can potentially execut...

8CVSS7.3AI score0.00368EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/14 10:18 a.m.8 views

CVE-2024-51767

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

0.01138EPSS
Exploits0References1
CVE
CVE
added 2025/07/14 10:18 a.m.23 views

CVE-2024-51767

Hewlett Packard Enterprise AutoPass License Server (APLS) before version 9.17 contains an authentication bypass in the web service listening on port 5814. The flaw arises from an authorization decision based on a non-canonical URL, enabling remote network attackers to bypass authentication withou...

7.3CVSS7.2AI score0.01138EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/14 10:18 a.m.2 views

CVE-2024-51767

An authentication bypass vulnerability exists in HPE AutoPass License Server APLS prior to 9.17...

7.3AI score0.01138EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.3 views

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an information disclosure...

7.5CVSS6.2AI score0.00363EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.2 views

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17, which stems from an hsqldb-related vulnerability that could lead to remote code execution...

8CVSS7.5AI score0.00368EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.4 views

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an information disclosure...

7.5CVSS6.2AI score0.00363EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.3 views

HPE AutoPass License Server 安全漏洞

HPE AutoPass License Server is a license management system from HPE America. A security vulnerability exists in HPE AutoPass License Server versions prior to 9.17 that stems from an authentication bypass...

7.3CVSS6.7AI score0.01138EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.6 views

The vulnerability of the software for managing software product licenses in HPE AutoPass License Server arises from incorrect restrictions on XML links to external objects. This allows a perpetrator to access confidential information.

The vulnerability of the software for managing HPE AutoPass License Server product licenses is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker to access confidential information...

7.8CVSS7.2AI score0.00363EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.6 views

The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in insufficient validation of input data, allowing a perpetrator to execute arbitrary code.

The vulnerability of the software for managing HPE AutoPass License Server products is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8CVSS7.8AI score0.00368EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.5 views

The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the authentication procedures’ deficiencies, which allow a perpetrator to bypass the authentication process.

The vulnerability of the software for managing HPE AutoPass License Server products is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...

7.5CVSS7.1AI score0.01138EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.4 views

The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the lack of protective measures for the SQL query structure, allowing attackers to access confidential information.

The vulnerability of the software for managing HPE AutoPass License Server products is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to access confidential information...

7.8CVSS7.3AI score0.00363EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2024/12/02 12:0 a.m.8 views

Hewlett Packard Enterprise AutoPass License Server XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...

7.5CVSS6.2AI score0.00363EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/12/02 12:0 a.m.7 views

Hewlett Packard Enterprise AutoPass License Server hsqldb Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific fl...

8CVSS7.5AI score0.00368EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/12/02 12:0 a.m.6 views

Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 5814 by...

7.3CVSS7.1AI score0.01138EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/12/02 12:0 a.m.5 views

Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 58...

7.5CVSS6.6AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder