Hewlett Packard Enterprise Insight Remote Support DESTA Service Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DESTA service, which listens on TCP port 7901 by...

Hewlett Packard Enterprise Insight Remote Support getDocumentRootElement XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getDocumentRootEleme...

Hewlett Packard Enterprise Insight Remote Support setInputStream XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the setInputStream metho...

openSUSE Security Advisory (SUSE-SU-2024:4086-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-53676

CVE-2024-53676 is a directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support that may allow remote code execution. Multiple connected sources (including Red Hat and PT-Security) corroborate a flaw in handling attachments/streams, related to a method akin to processAt...

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVE-2024-53674

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVE-2024-53675

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-53674

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-11622

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-11622

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-53675

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-53675

CVE-2024-53675 concerns an XML External Entity (XXE) vulnerability in HPE Insight Remote Support . The connected documents consistently describe XXE as the underlying issue and indicate that remote users may disclose information in certain cases. Public details provided include the vulnerability ...

CVE-2024-53674

CVE-2024-53674 relates to an XML External Entity (XXE) processing flaw in Hewlett Packard Enterprise Insight Remote Support. Documents indicate the vulnerability arises from improper XML parsing (getDocumentRootElement) which can allow remote attackers to disclose sensitive files. Notably, exploi...

CVE-2024-53674

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...

CVE-2024-53673

The CVE-2024-53673 entry affects Hewlett Packard Enterprise Remote Insight Support (DESTA service). The ZDI advisory and related sources describe a deserialization vulnerability in DESTA that requires no authentication and can lead to remote code execution. The vulnerability arises from improper ...

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVE-2024-53673

A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code...

CVE-2024-11622

An XML external entity injection XXE vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases...