Lucene search
K

83 matches found

OpenVAS
OpenVAS
added 2016/07/14 12:0 a.m.18 views

HP/HPE/Micro Focus Universal CMDB Detection (HTTP)

HTTP based detection of HP/HPE/Micro Focus Universal CMDB. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/07/14 12:0 a.m.31 views

HP/HPE/Micro Focus Universal CMDB Multiple Vulnerabilities (HPSBGN03622, HPSBGN03623)

HP/HPE/Micro Focus Universal CMDB CMDB is prone to remote information disclosure and code execution vulnerabilities. Copyright C 2016 Greenbone Networks GmbH, http://www.greenbone.net Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

8.2AI score
Exploits0References4
CNVD
CNVD
added 2016/06/12 12:0 a.m.4 views

HPE Universal CMDB Information Disclosure Vulnerability

HPE Universal CMDB is the Universal Management Configuration Database UCMDB from Hewlett Packard Enterprise HPE, USA. An information disclosure vulnerability exists in HPE Universal CMDB versions 10.0, 10.01, 10.10, 10.11, 10.20,10.21, which allows remote attackers to obtain sensitive information...

7.5CVSS6.3AI score0.07541EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/12 12:0 a.m.5 views

HPE Universal CMDB Arbitrary Code Execution Vulnerability

HPE Universal CMDB is the Universal Management Configuration Database, UCMDB, of Hewlett Packard Enterprise HPE, USA. An arbitrary code execution vulnerability exists in HPE Universal CMDB versions 10.0 through 10.21, Universal CMDB Configuration Manager versions 10.0 through 10.21,Universal...

9.8CVSS8.4AI score0.04734EPSS
Exploits0References1
NVD
NVD
added 2016/06/08 2:59 p.m.20 views

CVE-2016-4368

HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

9.8CVSS9.8AI score0.04734EPSS
Exploits0References1
OSV
OSV
added 2016/06/08 2:59 p.m.4 views

CVE-2016-4368

HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

9.8CVSS6AI score0.04734EPSS
Exploits0References1
NVD
NVD
added 2016/06/08 2:59 p.m.17 views

CVE-2016-4367

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors...

7.5CVSS7.3AI score0.07541EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/06/08 2:0 p.m.20 views

CVE-2016-4367

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors...

7.4AI score0.07541EPSS
Exploits0References2
CVE
CVE
added 2016/06/08 2:0 p.m.54 views

CVE-2016-4368

CVE-2016-4368 affects HPE Universal CMDB products (UCMDB Server/Configuration Manager/Universal Discovery) versions 10.0–10.21. The root cause is unsafe deserialization of unauthenticated Java objects to the Apache Commons Collections (ACC) library, enabling remote code execution. Impact is remot...

9.8CVSS9.7AI score0.04734EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2016/06/08 2:0 p.m.45 views

CVE-2016-4367

CVE-2016-4367 affects the HPE Universal CMDB Universal Discovery component (versions 10.0, 10.01, 10.10, 10.11, 10.20, 10.21). The issue allows remote attackers to obtain sensitive information via unspecified vectors. The connected documents do not provide concrete exploit details or a disclosed ...

7.5CVSS7.6AI score0.07541EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2016/04/12 11:59 p.m.13 views

CVE-2016-2001

HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...

7.4CVSS7.2AI score0.02004EPSS
Exploits0References2
Prion
Prion
added 2016/04/12 11:59 p.m.15 views

Information disclosure

HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...

5.8CVSS6.8AI score0.02004EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/04/12 11:0 p.m.48 views

CVE-2016-2001

The CVE-2016-2001 entry concerns HP Universal CMDB Foundation (UCMDB) versions 10.0, 10.01, 10.10, 10.11, and 10.20. Affected component: UCMDB Foundation; issue type: information disclosure and URL redirection due to unvalidated input. Root cause (per CNVD-2016-02189): the vulnerability arises fr...

7.4CVSS7.1AI score0.02004EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/04/12 11:0 p.m.23 views

CVE-2016-2001

HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors...

7.2AI score0.02004EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/05/21 7:37 a.m.3 views

Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB

Overview An information disclosure vulnerability was found in JP1/Integrated Management - Universal CMDB. Impact When UCMDB server uses UD probe DFM probe, malicious remote users can acquire data stored in UD probe DFM probe, by sending crafted HTTP request to server. Solution Please refer to the...

5.8CVSS6.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/18 12:0 a.m.11 views

HP Universal Configuration Management Database Data Flow Probe Gateway Detection

Binary data hpucmdbprobegatewaydetect.nbin...

7.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/03/03 12:0 a.m.37 views

HP Universal CMDB JMX Console Authentication Bypass (CVE-2014-7883)

An authentication bypass vulnerability exists in HP Universal CMDB. The vulnerability is in the JMX Console web application. The vulnerability is due to a design weakness in processing HTTP requests that are neither GET nor POST. A remote unauthenticated attacker can exploit this vulnerability by...

5CVSS7AI score0.37022EPSS
Exploits5
Cvelist
Cvelist
added 2015/02/15 8:0 p.m.94 views

CVE-2014-7883

HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...

6AI score0.37022EPSS
Exploits5References3
CVE
CVE
added 2015/02/15 8:0 p.m.154 views

CVE-2014-7883

CVE-2014-7883 affects HP Universal CMDB (UCMDB) Server/JMX Console. The vulnerability arises from access control that only protects GET/POST; an attacker can use HTTP HEAD to bypass authentication and add/obtain admin access. Public references show affected UCMDB versions (e.g., 10.10, with menti...

5CVSS6AI score0.37022EPSS
Exploits5References3Affected Software1
0day.today
0day.today
added 2015/02/04 12:0 a.m.111 views

Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass Vulnerability

Hewlett-Packard Universal CMDB version 10.10 suffers from a jmx-console related authentication bypass vulnerability. Title: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass CVE-ID: CVE-2014-7883 Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: UCMDB 10.10 Other versions...

5CVSS0.5AI score0.79415EPSS
Exploits30
Rows per page
Query Builder