19 matches found
EUVD-2009-1417
Malware in sbrugna...
CVE-2016-4369
HPE Discovery and Dependency Mapping Inventory DDMi 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library...
CVE-2016-4369
HPE Discovery and Dependency Mapping Inventory DDMi 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library...
CVE-2016-4369
CVE-2016-4369 affects HPE Discovery and Dependency Mapping Inventory (DDMi) versions 9.30–9.32 (including 9.32 updates). Affected component is the Apache Commons Collections (ACC) library used by DDMi. The root cause is deserialization of crafted Java objects, enabling remote authenticated users ...
Design/Logic Flaw
HP Discovery & Dependency Mapping Inventory DDMI 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read...
CVE-2011-0890
HP Discovery & Dependency Mapping Inventory DDMI 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read...
CVE-2011-0890
Summary: CVE-2011-0890 affects HP DDMI versions 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30. The issue arises because the Windows SNMP service is launched with its default configuration, allowing remote attackers to access read-only SNMP data via the public read community. Impact (as documented): Remo...
CVE-2010-4114
HP DDMI (Discovery & Dependency Mapping Inventory) versions 2.5x, 7.5x, and 7.6x are affected by CVE-2010-4114, a Cross-Site Scripting (XSS) vulnerability allowing remote injection of scripts via unspecified vectors. The NVD entry lists CVSS v2 base score 4.3 (I: Partial, A: None) with network at...
[security bulletin] HPSBMA02617 SSRT100338 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Cross SIte Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02655735 Version: 1 HPSBMA02617 SSRT100338 rev.1 - HP Discovery & Dependency Mapping Inventory DDMI Running on Windows, Remote Cross SIte Scripting XSS NOTICE: The information in this Security...
[security bulletin] HPSBMA02456 SSRT090188 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01861595 Version: 1 HPSBMA02456 SSRT090188 rev.1 - HP Discovery & Dependency Mapping Inventory DDMI Running on Windows, Remote Execution of Arbitrary Code NOTICE: The information in this Security...
Design/Logic Flaw
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors...
CVE-2009-3841
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors...
CVE-2009-3841
HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows versions 2.5x, 7.5x, and 7.60 is affected by CVE-2009-3841. The HP Security Bulletin SSRT090188 rev.1 states a remote execution of arbitrary code by an authorized user, with the base CVSS 2.0 score of 9.0. Patched versions are ...
HP DDMI on Windows Unspecified Remote Agent Access
The remote host is running an HP Discovery & Dependency Mapping Inventory DDMI agent to facilitate communications between a central DDMI server and workstations that are part of the deployed inventory process. The version of the agent on the remote host fails to check for a valid SSL certificate...
HP DDMI Web Interface Default Credentials
The remote host is running HP Discovery & Dependency Mapping Inventory DDMI, which is used to automate discovery and inventory of network devices. The remote installation of HP DDMI has at least one account configured using default credentials. Knowing these, an attacker can gain access to the...
Design/Logic Flaw
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors...
CVE-2009-1419
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory DDMI 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors...
[security bulletin] HPSBMA02433 SSRT090084 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01760771 Version: 1 HPSBMA02433 SSRT090084 rev.1 - HP Discovery & Dependency Mapping Inventory DDMI Running on Windows, Remote Unauthorized Access NOTICE: The information in this Security Bulleti...
CVE-2009-1419
HP DDMI on Windows (DDMI 2.0.0–2.52, 7.50, 7.51) contains an authentication/validation flaw in the agent: it does not verify the SSL certificate from a known DDMI server before processing requests, enabling a remote, unauthenticated attacker to access DDMI agents and potentially disclose software...