CVE-2019-5408

CVE-2019-5408 affects HPE CVAE (Command View Advanced Edition) products, enabling an information disclosure of hosts/storage configuration via the Device Manager GUI. Affected stack: DevMgr 7.0.0-00 up to

CVE-2018-7077

The CVE-2018-7077 entry describes an information-disclosure vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager and Configuration Manager: DevMgr 8.5.0-00 and earlier, CM 8.5.0-00 and earlier, up to 8.6.0-00. Exploitation could allow local and remote unauthorized acc...

CVE-2018-7090

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

CVE-2018-7091

HPE XP P9000 Command View Advanced Edition Software CVAE has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

Cross site scripting

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

CVE-2018-7091

HPE XP P9000 Command View Advanced Edition Software (CVAE) is affected by an open URL redirection vulnerability in CVAE 7.0.0-00 through versions prior to 8.60-00 for DevMgr, TSMgr and RepMgr. The issue is described across multiple sources (NVD, CNVD, CVE listing) as an open URL redirection flaw;...

CVE-2018-7090

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

CVE-2018-7090

CVE-2018-7090 affects HPE XP P9000 Command View Advanced Edition Software (CVAE). The CNVD entry specifies a cross-site scripting vulnerability in CVAE modules DevMgr, TSMgr and RepMgr for versions 7.0.0-00 through (but not including) 8.60-00. The vulnerability enables a remote attacker to inject...

CVE-2018-7091

HPE XP P9000 Command View Advanced Edition Software CVAE has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

CVE-2016-4381

HPE XP7 Command View Advanced Edition CVAE Suite 6.x through 8.x before 8.4.1-02, when Replication Manager RepMgr and Device Manager DevMgr are enabled, allows local users to bypass intended access restrictions via unspecified vectors...

CVE-2016-4381

HPE XP7 Command View Advanced Edition CVAE Suite 6.x through 8.x before 8.4.1-02, when Replication Manager RepMgr and Device Manager DevMgr are enabled, allows local users to bypass intended access restrictions via unspecified vectors...

CVE-2016-4381

CVE-2016-4381 affects HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x–8.x prior to 8.4.1-02. When Replication Manager and Device Manager are enabled, local users can bypass intended access restrictions via unspecified vectors. The NVD entry lists local attack with moderate complexity and p...

CVE-2016-4381

HPE XP7 Command View Advanced Edition CVAE Suite 6.x through 8.x before 8.4.1-02, when Replication Manager RepMgr and Device Manager DevMgr are enabled, allows local users to bypass intended access restrictions via unspecified vectors...

CVE-2016-2003

HPE P9000 Command View Advanced Edition Software CVAE 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

Command injection

HPE P9000 Command View Advanced Edition Software CVAE 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

CVE-2016-2003

Summary: CVE-2016-2003 affects HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00. Root cause: remote code execution via crafted serialized Java objects, related to the Apache Commons Collections library, due to insecure de...