sei.anm.gov.br Cross Site Scripting vulnerability OBB-2451589

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cisco ACE 4710 Application Control Engine and Application Networking Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web GUI of the Cisco Application Networking Manager ANM and the Device Manager DM in the Cisco ACE 4710 Application Control Engine ACE Appliance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against the user of the web...

CVE-2015-0651

Cross-site request forgery CSRF vulnerability in the web GUI in Cisco Application Networking Manager ANM, and Device Manager DM on Cisco 4710 Application Control Engine ACE appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753...

CVE-2015-0651

CVE-2015-0651 is a CSRF vulnerability affecting Cisco Application Networking Manager (ANM) and the Device Manager (DM) on the Cisco ACE 4710 appliance. The issue stems from insufficient CSRF protections in the web GUI, allowing an unauthenticated, remote attacker to force arbitrary requests in th...

[security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03689276 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03689276 Version: 1 HPSBGN02854...

CVE-2012-5207

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1661...

CVE-2012-5206

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660...

CVE-2012-5205

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1650...

Design/Logic Flaw

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660...

Cross site scripting

Cross-site scripting XSS vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Code injection

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1661...

CVE-2012-5204

CVE-2012-5204 affects HP Intelligent Management Center (iMC) and related ANM modules. The connected documentation confirms a directory traversal in the IctDownloadServlet that enables an unauthenticated attacker to retrieve arbitrary files with SYSTEM privileges, leading to information disclosure...

CVE-2012-5203

CVE-2012-5203 in HP Intelligent Management Center (iMC) and iMC for ANM (pre-5.2 E0401) is an information-disclosure vulnerability exploitable via a ReportImgServlet directory-traversal. The issue arises from lack of authentication and insufficient input validation in ReportImgServlet when proces...

CVE-2012-5206

CVE-2012-5206 affects HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) prior to 5.2 E0401. The vulnerability enables remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors (ZDI-CAN...

CVE-2012-5212

HP iMC (Intelligent Management Center) and ANM prior to 5.2 E0401 are affected by CVE-2012-5212, a vulnerability in which remote attackers may obtain sensitive information, modify data, or cause a denial of service via unknown vectors (ZDI-CAN-1663). Multiple third‑party advisories (ZDI, OpenVAS,...

CVE-2012-5213

CVE-2012-5213 is an information-disclosure vulnerability in HP Intelligent Management Center (iMC) and iMC for ANM prior to version 5.2 E0401 (aka ZDI-CAN-1662). Exploitation would allow remote attackers to obtain sensitive information via unknown vectors. HP’s security bulletin and related NASL ...

CVE-2012-5204

Unspecified vulnerability in HP Intelligent Management Center iMC and Intelligent Management Center for Automated Network Manager ANM before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614...

CVE-2012-5202

CVE-2012-5202 is an information disclosure vulnerability in HP Intelligent Management Center (iMC) and ANM/FaultDownloadServlet prior to 5.2 E0401. The issue arises from a directory traversal vulnerability that, per the Metasploit module, allows unauthenticated attackers to access arbitrary files...

CVE-2012-5208

CVE-2012-5208 affects HP Intelligent Management Center (iMC) and iMC for ANM prior to 5.2 E0401. The connected sources identify this as an information-disclosure vulnerability (remote, via unknown vectors per ZDI-1615) that could allow an attacker to obtain sensitive information. The issue is emb...

CVE-2012-5209

CVE-2012-5209 is an HP iMC/ANM remote-code-execution vulnerability (ZDI-CAN-1659) affecting HP iMC before 5.2 E0401. Connected sources specify the flaw in the flexFileUpload servlet leading to RCE. HP released fixes in 5.2 E0401 (Standard/Enterprise, ANM, TAM/UAM as applicable). CVSS v2 base scor...