55 matches found
CVE-2013-4809
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager IDM 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 sort or 2 dir parameter...
CVE-2013-4810
HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager IDM 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to 1 EJBInvokerServlet or 2 JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplica...
CVE-2013-4813
The Agent aka AgentController servlet in HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager IDM 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745...
CVE-2013-4811
CVE-2013-4811 : A flaw in the HP ProCurve Manager SNAC UpdateDomainControllerServlet allows remote upload of JSP files and arbitrary code execution by manipulating the adCert parameter, affecting PCM 3.20/4.0, PCM+ 3.20/4.0, and IDM 4.0. Public references document a file-upload/path-traversal vul...
PT-2013-5212 · Hewlett Packard · Hp Procurve Manager +2
Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue allows remote attackers to execute arbitrary commands via a HEAD request. This is related to the Agent...
PT-2013-5211 · Hewlett Packard · Hp Procurve Manager +2
Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue concerns the UpdateCertificatesServlet in the SNAC registration server, which fails to properly validat...
HP ProCurve Manager, HP Identity Driven Manager multiple security vulnerabilities
Code execution, session reusage, SQL injection...
PT-2013-5208 · Hewlett Packard · Hp Procurve Manager +2
Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the sort or dir...
[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 1 HPSBPV02918 rev....
PT-2013-5210 · Hewlett Packard · Hp Procurve Manager +1
Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP ProCurve Manager+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue concerns the UpdateDomainControllerServlet in the SNAC registration server, which fails to...
Code injection
Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors...
CVE-2007-4514
Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors...
HP ProCurve Manager Remote Unauthorized Access to Data (HPSBMA02420 SSRT071458)
The version of HP ProCurve Manager PCM installed on the remote host reportedly contains a vulnerability that could allow remote attackers the ability to access arbitrary files hosted on the PCM server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid36141;...
[security bulletin] HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager Plus, Remote Unauthorized Access to Data
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01713073 Version: 1 HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager Plus, Remote Unauthorized Access to Data NOTICE: The information in this Security Bulletin should be...
HP ProCurve Manager unauthorized access
No description provided...