Lucene search
K

55 matches found

Cvelist
Cvelist
added 2013/09/13 6:0 p.m.33 views

CVE-2013-4809

Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager IDM 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 sort or 2 dir parameter...

8.4AI score0.03304EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2013/09/13 6:0 p.m.12 views

CVE-2013-4810

HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager IDM 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to 1 EJBInvokerServlet or 2 JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplica...

7.8AI score0.79003EPSS
Exploits5References7
Cvelist
Cvelist
added 2013/09/13 6:0 p.m.33 views

CVE-2013-4813

The Agent aka AgentController servlet in HP ProCurve Manager PCM 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager IDM 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745...

7.5AI score0.08507EPSS
Exploits0References4
CVE
CVE
added 2013/09/13 6:0 p.m.150 views

CVE-2013-4811

CVE-2013-4811 : A flaw in the HP ProCurve Manager SNAC UpdateDomainControllerServlet allows remote upload of JSP files and arbitrary code execution by manipulating the adCert parameter, affecting PCM 3.20/4.0, PCM+ 3.20/4.0, and IDM 4.0. Public references document a file-upload/path-traversal vul...

10CVSS7.6AI score0.71293EPSS
Exploits6References4Affected Software2
Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.4 views

PT-2013-5212 · Hewlett Packard · Hp Procurve Manager +2

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue allows remote attackers to execute arbitrary commands via a HEAD request. This is related to the Agent...

10CVSS8AI score0.08507EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.7 views

PT-2013-5211 · Hewlett Packard · Hp Procurve Manager +2

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue concerns the UpdateCertificatesServlet in the SNAC registration server, which fails to properly validat...

10CVSS7.6AI score0.51903EPSS
Exploits10References9
securityvulns
securityvulns
added 2013/09/11 12:0 a.m.118 views

HP ProCurve Manager, HP Identity Driven Manager multiple security vulnerabilities

Code execution, session reusage, SQL injection...

10CVSS2.1AI score0.79003EPSS
Exploits21References1Affected Software2
Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.7 views

PT-2013-5208 · Hewlett Packard · Hp Procurve Manager +2

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the sort or dir...

7.5CVSS8.5AI score0.03304EPSS
Exploits0References7
securityvulns
securityvulns
added 2013/09/11 12:0 a.m.233 views

[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03897409 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03897409 Version: 1 HPSBPV02918 rev....

10CVSS0.2AI score0.79003EPSS
Exploits21
Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.6 views

PT-2013-5210 · Hewlett Packard · Hp Procurve Manager +1

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP ProCurve Manager+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue concerns the UpdateDomainControllerServlet in the SNAC registration server, which fails to...

10CVSS7.8AI score0.71293EPSS
Exploits6References9
Prion
Prion
added 2009/04/15 10:30 a.m.18 views

Code injection

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors...

5CVSS6.4AI score0.02427EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2009/04/15 10:0 a.m.20 views

CVE-2007-4514

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors...

6.1AI score0.02427EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2009/04/11 12:0 a.m.14 views

HP ProCurve Manager Remote Unauthorized Access to Data (HPSBMA02420 SSRT071458)

The version of HP ProCurve Manager PCM installed on the remote host reportedly contains a vulnerability that could allow remote attackers the ability to access arbitrary files hosted on the PCM server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid36141;...

5CVSS5.8AI score0.02427EPSS
Exploits0References3
securityvulns
securityvulns
added 2009/04/10 12:0 a.m.54 views

[security bulletin] HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager Plus, Remote Unauthorized Access to Data

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01713073 Version: 1 HPSBMA02420 SSRT071458 rev.1 - HP ProCurve Manager and HP ProCurve Manager Plus, Remote Unauthorized Access to Data NOTICE: The information in this Security Bulletin should be...

5CVSS0.5AI score0.02427EPSS
Exploits0
securityvulns
securityvulns
added 2009/04/10 12:0 a.m.24 views

HP ProCurve Manager unauthorized access

No description provided...

5CVSS2.2AI score0.02427EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder