Lucene search
+L

233 matches found

Prion
Prion
added 2020/04/30 8:15 p.m.19 views

Design/Logic Flaw

A security vulnerability in HPE Smart Update Manager SUM prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager SUM prior to 8.5.6. Please visit the HPE Support Center at...

10CVSS9.3AI score0.79522EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/04/30 7:17 p.m.27 views

CVE-2020-7136

A security vulnerability in HPE Smart Update Manager SUM prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager SUM prior to 8.5.6. Please visit the HPE Support Center at...

9.4AI score0.79522EPSS
Exploits0References1
CVE
CVE
added 2020/04/30 7:17 p.m.75 views

CVE-2020-7136

CVE-2020-7136 affects HPE Smart Update Manager (SUM) prior to version 8.5.6. The vulnerability could allow remote unauthorized access to SUM. Hewlett Packard Enterprise provides a software update to resolve this vulnerability in SUM prior to 8.5.6; the remediation is to download and install the l...

10CVSS9.3AI score0.79522EPSS
In wildExploits0References1Affected Software1
OSV
OSV
added 2020/03/23 2:15 p.m.2 views

CVE-2020-6650

UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...

8.8CVSS6.3AI score0.02103EPSS
Exploits0References1
Prion
Prion
added 2020/03/23 2:15 p.m.14 views

Code injection

UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...

5.8CVSS8.8AI score0.02103EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/23 1:25 p.m.25 views

CVE-2020-6650 Arbitrary code execution through “Update Manager” Class

UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates...

8.3CVSS8.9AI score0.02103EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/02/24 12:0 a.m.39 views

HP Smart Update Manager Remote Unauthorized Access.

The HPE Smart Update manager running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass authentication and execute arbitrary actions defined by the application. C Tenable Networ...

9.8CVSS6AI score0.0142EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.23 views

The vulnerability of the Enterprise Resource Management System “Galaktika ERP” allows a perpetrator to execute arbitrary codes.

The vulnerability of the “Update Manager” component of the enterprise resource management system Galaktika ERP is related to the lack of protection for transmitted data. Exploiting this vulnerability allows a malicious actor, who operates remotely and has access to the update server, to execute...

8.3CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.7 views

The vulnerability of the GALAXY ERP resource management system allows a hacker to replace software updates.

The vulnerability of the Plain FTP protocol used by the “Update Manager” component of the enterprise resource management system Galaktika ERP is related to the lack of protection for transmitted data. Exploiting this vulnerability can allow a malicious actor to gain access to software updates and...

3.4CVSS5.6AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/09/13 12:0 a.m.54 views

HP Smart Update Manager Remote Unauthorized Access.

The HPE Smart Update manager running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass authentication and execute arbitrary actions defined by the application. C Tenable Networ...

9.8CVSS8.9AI score0.0142EPSS
Exploits0References2
CNVD
CNVD
added 2019/06/14 12:0 a.m.4 views

HPE Smart Update Manager Security Feature Issue Vulnerability

HPE Smart Update Manager SUM is a smart update manager from Hewlett Packard Enterprise HPE, USA. It is used to install and update firmware and software components on HP ProLiant and HP Integrity servers, chassis, and options. A security feature issue vulnerability exists in versions of HPE SUM...

7.8CVSS6.7AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2019/06/05 6:29 p.m.16 views

CVE-2019-11988

A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...

9.8CVSS9.6AI score0.0142EPSS
Exploits0References1
OSV
OSV
added 2019/06/05 6:29 p.m.7 views

CVE-2019-11988

A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...

9.8CVSS5.8AI score0.0142EPSS
Exploits0References1
Prion
Prion
added 2019/06/05 6:29 p.m.13 views

Privilege escalation

A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...

4.6CVSS7.4AI score0.00317EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/06/05 6:29 p.m.10 views

CVE-2019-11987

A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...

7.8CVSS7.5AI score0.00317EPSS
Exploits0References1
Prion
Prion
added 2019/06/05 6:29 p.m.13 views

Design/Logic Flaw

A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...

7.5CVSS9.4AI score0.0142EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/06/05 5:58 p.m.57 views

CVE-2019-11988

CVE-2019-11988 affects HPE Smart Update Manager (SUM) prior to version 8.3.5. The vulnerability is a Remote Unauthorized Access flaw caused by an authentication bypass that allows an unauthenticated, remote attacker to bypass login and perform arbitrary actions in SUM. The NVD entry lists high/cr...

9.8CVSS9.4AI score0.0142EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/06/05 5:58 p.m.19 views

CVE-2019-11988

A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager SUM earlier than version 8.3.5...

9.6AI score0.0142EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/05 5:52 p.m.23 views

CVE-2019-11987

A security vulnerability in HPE Smart Update Manager SUM prior to v8.4 could allow local unauthorized elevation of privilege...

7.5AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2019/06/05 5:52 p.m.54 views

CVE-2019-11987

CVE-2019-11987 affects HPE Smart Update Manager (SUM) prior to v8.4. The vulnerability allows local unauthorized elevation of privilege due to insufficient authentication/authorization and privilege management. Affected component is SUM’s update/management workflow on HP ProLiant servers. Impact ...

7.8CVSS7.4AI score0.00317EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder