233 matches found
Design/Logic Flaw
A security vulnerability in HPE Smart Update Manager SUM prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager SUM prior to 8.5.6. Please visit the HPE Support Center at...
CVE-2020-7136
A security vulnerability in HPE Smart Update Manager SUM prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager SUM prior to 8.5.6. Please visit the HPE Support Center at...
CVE-2020-7136
CVE-2020-7136 affects HPE Smart Update Manager (SUM) prior to version 8.5.6. The vulnerability could allow remote unauthorized access to SUM. Hewlett Packard Enterprise provides a software update to resolve this vulnerability in SUM prior to 8.5.6; the remediation is to download and install the l...
CVE-2020-6650
UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...
Code injection
UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...
CVE-2020-6650 Arbitrary code execution through “Update Manager” Class
UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...
HP Smart Update Manager Remote Unauthorized Access.
The HPE Smart Update manager running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass authentication and execute arbitrary actions defined by the application. C Tenable Networ...
The vulnerability of the Enterprise Resource Management System “Galaktika ERP” allows a perpetrator to execute arbitrary codes.
The vulnerability of the “Update Manager” component of the enterprise resource management system Galaktika ERP is related to the lack of protection for transmitted data. Exploiting this vulnerability allows a malicious actor, who operates remotely and has access to the update server, to execute...
The vulnerability of the GALAXY ERP resource management system allows a hacker to replace software updates.
The vulnerability of the Plain FTP protocol used by the “Update Manager” component of the enterprise resource management system Galaktika ERP is related to the lack of protection for transmitted data. Exploiting this vulnerability can allow a malicious actor to gain access to software updates and...
HP Smart Update Manager Remote Unauthorized Access.
The HPE Smart Update manager running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass authentication and execute arbitrary actions defined by the application. C Tenable Networ...
HPE Smart Update Manager Security Feature Issue Vulnerability
HPE Smart Update Manager SUM is a smart update manager from Hewlett Packard Enterprise HPE, USA. It is used to install and update firmware and software components on HP ProLiant and HP Integrity servers, chassis, and options. A security feature issue vulnerability exists in versions of HPE SUM...
CVE-2019-11988
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...
CVE-2019-11988
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...
Privilege escalation
A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...
CVE-2019-11987
A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...
Design/Logic Flaw
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...
CVE-2019-11988
CVE-2019-11988 affects HPE Smart Update Manager (SUM) prior to version 8.3.5. The vulnerability is a Remote Unauthorized Access flaw caused by an authentication bypass that allows an unauthenticated, remote attacker to bypass login and perform arbitrary actions in SUM. The NVD entry lists high/cr...
CVE-2019-11988
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...
CVE-2019-11987
A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...
CVE-2019-11987
CVE-2019-11987 affects HPE Smart Update Manager (SUM) prior to v8.4. The vulnerability allows local unauthorized elevation of privilege due to insufficient authentication/authorization and privilege management. Affected component is SUM’s update/management workflow on HP ProLiant servers. Impact ...