87 matches found
CVE-2014-7883
CVE-2014-7883 affects HP Universal CMDB (UCMDB) Server/JMX Console. The vulnerability arises from access control that only protects GET/POST; an attacker can use HTTP HEAD to bypass authentication and add/obtain admin access. Public references show affected UCMDB versions (e.g., 10.10, with menti...
Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass
Mogwai Security Advisory MSA-2015-02 ---------------------------------------------------------------------- Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: UCMDB 10.10 Other versions might also...
Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass
Hewlett-Packard HP UCMDB - JMX-Console Authentication Bypass Mogwai Security Advisory MSA-2015-02 ---------------------------------------------------------------------- Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB...
Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass
Mogwai Security Advisory MSA-2015-02 ---------------------------------------------------------------------- Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: UCMDB 10.10 Other versions might also...
[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04260353 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04260353 Version: 1 HPSBMU03019 rev....
CVE-2013-6215
HP Universal Configuration Management Database (CMDB) Integration Service vulnerability CVE-2013-6215 affects Integration Service components in HP UCMDB v10.01 and v10.10. The issue allows remote code execution via unknown vectors, reported as ZDI-CAN-1977. HP has provided patches to resolve the ...
CVE-2013-6215
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977...