29 matches found
EUVD-2014-2647
Malware in sbrugna...
EUVD-2014-2648
Malware in sbrugna...
VulnCheck KEV: CVE-2014-2617
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104...
HPE Universal CMDB 'HTTP TRACE' Information Disclosure Vulnerability
The host is installed with HP Universal CMDB and is prone to an information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbhpeuniversalcmdbhttptraceinfodiscvuln.nasl 7497 2017-10-19 07:06:06Z santu $ HPE Universal CMDB 'HTTP TRACE' Information Disclosure Vulnerability Authors: Rinu...
HPE Universal CMDB Remote Code Execution And XSS Vulnerabilities
The host is installed with HP Universal CMDB and is prone to remote cross site scripting and code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbhpeuniversalcmdbxssncodeexecvuln.nasl 7497 2017-10-19 07:06:06Z santu $ HPE Universal CMDB Remote Code Execution And XSS Vulnerabilities...
HP Universal Configuration Management Database Data Flow Probe Gateway Detection
Binary data hpucmdbprobegatewaydetect.nbin...
HP Universal CMDB JMX Console Authentication Bypass (CVE-2014-7883)
An authentication bypass vulnerability exists in HP Universal CMDB. The vulnerability is in the JMX Console web application. The vulnerability is due to a design weakness in processing HTTP requests that are neither GET nor POST. A remote unauthenticated attacker can exploit this vulnerability by...
CVE-2014-7883
HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...
Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass Vulnerability
Hewlett-Packard Universal CMDB version 10.10 suffers from a jmx-console related authentication bypass vulnerability. Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: UCMDB 10.10 Other versions...
[security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04357076 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04357076 Version: 1 HPSBMU03064 rev....
HP Universal CMDB Default Credentials Arbitrary File Upload (CVE-2014-2617)
A code execution vulnerability exists in HP Universal CMDB. The vulnerability is due to the use of hard-coded credentials when processing HTTP requests. A remote attacker can upload arbitrary files to arbitrary locations using the default credentials...
CVE-2014-2615
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083...
CVE-2014-2616
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091...
CVE-2014-2617
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104...
CVE-2014-2617
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104...
CVE-2014-2615
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083...
Code injection
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083...
Code injection
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091...
Design/Logic Flaw
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104...
CVE-2014-2615
HP Universal CMDB CVE-2014-2615 affects v10.01 and v10.10 with remote code execution and information disclosure (ZDI-CAN-2083). The related HP security bulletin HPSBMU03064 rev.1 states the vulnerabilities (CVE-2014-2615, -2616, -2617) could be exploited remotely to disclose information and execu...