94 matches found
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
Remote code execution
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
CVE-2018-6499
CVE-2018-6499 describes a Remote Code Execution vulnerability affecting multiple HPE/Software Group containerized and related suites, including Hybrid Cloud Management, Operations Bridge Containerized Suite, Data Center Automation, Service Management Automation, Service Virtualization (SV), Unifi...
CVE-2018-0323
A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker w...
Cisco Enterprise NFV Infrastructure Software Local Command Injection Vulnerability
Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from Cisco. The platform enables full lifecycle management of virtualized services through a central orchestrator and controller.CLI is one of the command line tools. A command injection...
3 Reasons to Use VMware NSX with Trend Micro Deep Security
Enterprises have begun adopting network virtualization for their IT infrastructure. According to a 2016 survey conducted by Accenture, 95 percent of small, medium, and large enterprises believe “network services will be virtualized.” Meanwhile, 25 percent of those who have adopted network...
Update Rollup 9 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 9 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 9 for Microsoft System Center 2012 R2 Virtual Machine Manager. There are three updates available for System Center 2012 R2 Virtual Machine Manager: one...
Command Execution Vulnerability in the Security Isolation Gateway china_gate_add_op.php at Beijing Yuanwei Software Co.
Beijing Yuanwei Software Co., Ltd. security isolation gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. A command execution vulnerability exists in chinagateaddop.php, the security isolation gateway of Beijing...
The vulnerability of the network virtualization tool for testing software from HP Network Virtualization allows a hacker to read arbitrary files.
The vulnerability of the network virtualization tool for testing software from HP Network Virtualization. Exploiting this vulnerability could allow a malicious actor, operating remotely, to read arbitrary files using a specially crafted URL when accessing components like HttpServlet or...
VMware NSX and VMware vCNS Sensitive Information Disclosure Vulnerability
VMware NSX and VMware vCNS are Vmware's network and security virtualization platforms. A security vulnerability exists in VMware NSX and vCNS, which can be exploited by remote attackers to submit a special request to obtain sensitive information...
CVE-2015-2121
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the 1 HttpServlet or 2 NetworkEditorController component, aka ZDI-CAN-2569...
Code injection
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the 1 HttpServlet or 2 NetworkEditorController component, aka ZDI-CAN-2569...
CVE-2015-2121
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the 1 HttpServlet or 2 NetworkEditorController component, aka ZDI-CAN-2569...
CVE-2015-2121
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the 1 HttpServlet or 2 NetworkEditorController component, aka ZDI-CAN-2569...
CVE-2015-2121
CVE-2015-2121 affects HP Network Virtualization for LoadRunner and Performance Center (versions 11.52 and 8.61). The root cause is failure to sanitize filenames in URLs handled by HttpServlet and NetworkEditorController, allowing remote attackers to read arbitrary files. This information-disclosu...
Network Virtualization for HP LoadRunner Information Disclosure
The remote Windows host has a version of HP LoadRunner installed that is 11.52.x and a version of HP Network Virtualization installed that is prior to 8.61 patch 3. It is, therefore, affected by an information disclosure vulnerability due to a failure in HttpServlet and NetworkEditorController to...
Hewlett-Packard Network Virtualization Information Disclosure Vulnerability
This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of Hewlett-Packard Network Virtualization. Authentication is not required to exploit this vulnerability. The specific flaw exists because neither the HttpServlet nor the NetworkEditorController sanitize...
HP LoadRunner and Performance Center Network Virtualization Remote Information Disclosure Vulnerability
HP LoadRunner and Performance Center is a new release of software and services designed to help IT organizations improve performance management throughout the application lifecycle. A security vulnerability exists in the HP LoadRunner and Performance Center network virtualization implementation...