2 matches found
HP Smart Update Manager Remote Unauthorized Access.
The HPE Smart Update manager running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass authentication and execute arbitrary actions defined by the application. C Tenable Networ...
CVE-2019-11988
CVE-2019-11988 affects HPE Smart Update Manager (SUM) prior to version 8.3.5. The vulnerability is a Remote Unauthorized Access flaw caused by an authentication bypass that allows an unauthenticated, remote attacker to bypass login and perform arbitrary actions in SUM. The NVD entry lists high/cr...