83 matches found
HP/HPE/Micro Focus Universal CMDB Detection (HTTP)
HTTP based detection of HP/HPE/Micro Focus Universal CMDB. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
HP/HPE/Micro Focus Universal CMDB Multiple Vulnerabilities (HPSBGN03622, HPSBGN03623)
HP/HPE/Micro Focus Universal CMDB CMDB is prone to remote information disclosure and code execution vulnerabilities. Copyright C 2016 Greenbone Networks GmbH, http://www.greenbone.net Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
HPE Universal CMDB Information Disclosure Vulnerability
HPE Universal CMDB is the Universal Management Configuration Database UCMDB from Hewlett Packard Enterprise HPE, USA. An information disclosure vulnerability exists in HPE Universal CMDB versions 10.0, 10.01, 10.10, 10.11, 10.20,10.21, which allows remote attackers to obtain sensitive information...
HPE Universal CMDB Arbitrary Code Execution Vulnerability
HPE Universal CMDB is the Universal Management Configuration Database, UCMDB, of Hewlett Packard Enterprise HPE, USA. An arbitrary code execution vulnerability exists in HPE Universal CMDB versions 10.0 through 10.21, Universal CMDB Configuration Manager versions 10.0 through 10.21,Universal...
CVE-2016-4368
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...
CVE-2016-4368
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...
CVE-2016-4367
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors...
CVE-2016-4367
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors...
CVE-2016-4368
CVE-2016-4368 affects HPE Universal CMDB products (UCMDB Server/Configuration Manager/Universal Discovery) versions 10.0–10.21. The root cause is unsafe deserialization of unauthenticated Java objects to the Apache Commons Collections (ACC) library, enabling remote code execution. Impact is remot...
CVE-2016-4367
CVE-2016-4367 affects the HPE Universal CMDB Universal Discovery component (versions 10.0, 10.01, 10.10, 10.11, 10.20, 10.21). The issue allows remote attackers to obtain sensitive information via unspecified vectors. The connected documents do not provide concrete exploit details or a disclosed ...
CVE-2016-2001
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...
Information disclosure
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...
CVE-2016-2001
The CVE-2016-2001 entry concerns HP Universal CMDB Foundation (UCMDB) versions 10.0, 10.01, 10.10, 10.11, and 10.20. Affected component: UCMDB Foundation; issue type: information disclosure and URL redirection due to unvalidated input. Root cause (per CNVD-2016-02189): the vulnerability arises fr...
CVE-2016-2001
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...
Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB
Overview An information disclosure vulnerability was found in JP1/Integrated Management - Universal CMDB. Impact When UCMDB server uses UD probe DFM probe, malicious remote users can acquire data stored in UD probe DFM probe, by sending crafted HTTP request to server. Solution Please refer to the...
HP Universal Configuration Management Database Data Flow Probe Gateway Detection
Binary data hpucmdbprobegatewaydetect.nbin...
HP Universal CMDB JMX Console Authentication Bypass (CVE-2014-7883)
An authentication bypass vulnerability exists in HP Universal CMDB. The vulnerability is in the JMX Console web application. The vulnerability is due to a design weakness in processing HTTP requests that are neither GET nor POST. A remote unauthenticated attacker can exploit this vulnerability by...
CVE-2014-7883
HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...
CVE-2014-7883
CVE-2014-7883 affects HP Universal CMDB (UCMDB) Server/JMX Console. The vulnerability arises from access control that only protects GET/POST; an attacker can use HTTP HEAD to bypass authentication and add/obtain admin access. Public references show affected UCMDB versions (e.g., 10.10, with menti...
Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass Vulnerability
Hewlett-Packard Universal CMDB version 10.10 suffers from a jmx-console related authentication bypass vulnerability. Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: UCMDB 10.10 Other versions...