Lucene search
K
HpData Protector

14 matches found

CVE
CVE
•added 2011/02/09 12:0 a.m.•120 views

CVE-2011-0923

HP Data Protector 6.1 contains a remote code execution flaw in the omniinet service treated via EXEC_CMD handling. A crafted EXEC_CMD packet can cause the process to interpret user-supplied input as part of a filename, leading to arbitrary command execution (notably via perl.exe in {install_path}...

10CVSS7.2AI score0.81081EPSS
CVE
CVE
•added 2016/04/21 10:0 a.m.•85 views

CVE-2016-2004

CVE-2016-2004 affects HPE Data Protector: vulnerable in Content-Affected versions include HP Data Protector 7.03_108, 8.x prior to 8.15, and 9.x prior to 9.06. The flaw stems from lack of authentication in remote control communications, allowing unauthenticated remote code execution. This CVE is ...

9.8CVSS9.6AI score0.94297EPSS
CVE
CVE
•added 2018/02/15 10:0 p.m.•77 views

CVE-2017-5807

CVE-2017-5807 is a Remote Arbitrary Code Execution vulnerability affecting HPE Data Protector versions prior to 8.17 and 9.09. The connected sources indicate an overflow condition that, when triggered by certain input, could allow remote code execution. The issue is categorized with high to criti...

10CVSS9.5AI score0.22293EPSS
CVE
CVE
•added 2011/08/01 7:0 p.m.•75 views

CVE-2011-2399

CVE-2011-2399 is a remote denial-of-service vulnerability in HP Data Protector’s Media Management Daemon (mmd), affecting HP Data Protector versions up to 6.11. The issue allows an unauthenticated, remote attacker to cause a DoS via unknown vectors, with CVSSv2 base score 7.8 (HIGH). HP’s securit...

7.8CVSS6.6AI score0.04549EPSS
CVE
CVE
•added 2016/04/21 10:0 a.m.•69 views

CVE-2016-2006

CVE-2016-2006 affects Hewlett Packard Enterprise Data Protector prior to 7.03_108, 8.x before 8.15, and 9.x before 9.06. Connected advisories detail a remote code execution via Oracle? No—OmniInet.exe in HPE Data Protector listens on TCP port 5555. The vulnerability arises from a lack of boundary...

10CVSS9.8AI score0.20412EPSS
CVE
CVE
•added 2016/04/21 10:0 a.m.•65 views

CVE-2016-2005

CVE-2016-2005 affects HP Data Protector via the OmniInet.exe service. A remote, unauthenticated attacker can exploit a flaw in the EXEC_BAR username handling (fixed-length stack buffer) to execute arbitrary code. The vulnerability enables code execution under the SYSTEM context by sending malform...

10CVSS9.8AI score0.20412EPSS
CVE
CVE
•added 2016/04/21 10:0 a.m.•60 views

CVE-2016-2008

HP Data Protector is affected by CVE-2016-2008 in versions prior to 7.03 build 108, 8.x prior to 8.15, and 9.x prior to 9.06. The vulnerability is described as an unspecified flaw that allows remote attackers to execute arbitrary code (unauthenticated) or disclose information. The connected sourc...

9.8CVSS9.7AI score0.10482EPSS
CVE
CVE
•added 2011/02/09 12:0 a.m.•57 views

CVE-2011-0922

Summary: CVE-2011-0922 affects HP Data Protector Client. A vulnerability in processing the EXEC_SETUP (and related EXEC_CMD/INSTALL/EXEC_SETUP) messages allows a remote attacker to force the client to load and execute arbitrary programs from a remote SMB share, enabling remote code execution. The...

10CVSS7.3AI score0.64219EPSS
CVE
CVE
•added 2016/04/21 10:0 a.m.•55 views

CVE-2016-2007

HP Data Protector (HP) is affected by CVE-2016-2007 in versions prior to 7.03_108, 8.x prior to 8.15, and 9.x prior to 9.06. The vulnerability allows unauthenticated remote code execution via unspecified vectors, with ZDI-CAN-3354 tying the issue to the OmniInet.exe service listening on port 5555...

10CVSS9.8AI score0.20412EPSS
CVE
CVE
•added 2018/02/15 10:0 p.m.•55 views

CVE-2017-5809

CVE-2017-5809 is associated with HP Data Protector (versions < 8.17 and

5.5CVSS6.6AI score0.01613EPSS
CVE
CVE
•added 2011/02/09 12:0 a.m.•52 views

CVE-2011-0924

HP OpenView Storage Data Protector (Data Protector) client vulnerable via the EXEC_CMD handling: it does not verify file contents, allowing remote code execution by embedding malicious code in a file and using a trusted filename (e.g., omni_chk_ds.sh). Affected versions include Data Protector v6....

10CVSS7.6AI score0.04625EPSS
CVE
CVE
•added 2018/02/15 10:0 p.m.•52 views

CVE-2017-5808

CVE-2017-5808 is a Remote Arbitrary Code Execution vulnerability in HP Data Protector, affecting versions prior to 8.17 and 9.09. The issue is exploitable remotely over the network with no user interaction required, and has a high impact on availability (I) per CVSS v3.0 and high overall severity...

7.8CVSS8.1AI score0.16358EPSS
CVE
CVE
•added 2011/02/09 12:0 a.m.•47 views

CVE-2011-0921

The CVE-2011-0921 issue affects HP OpenView Storage Data Protector, specifically the CRs.exe Cell Manager Service in the client. The vulnerability arises from improper validation of credentials tied to hostname, domain, and username, permitting remote execution of arbitrary code by sending data o...

10CVSS8AI score0.11333EPSS
CVE
CVE
•added 2014/08/01 10:0 a.m.•43 views

CVE-2014-5160

HP Data Protector’s Cell Request Service crs.exe is affected by two directory traversal vulnerabilities (opcode 1091 and 305). The flaws allow remote, unauthenticated attackers to write or delete arbitrary files, with potential code execution in the service context. Affected component is crs.exe ...

6.4CVSS7.1AI score0.34765EPSS