Identity Driven Manager Security Vulnerabilities and Issues — Identity Driven Manager CVE List

Lucene search

HpIdentity Driven Manager

4 matches found

CVE•added 2013/09/16 1:1 p.m.•135 views

CVE-2013-4811

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary cod...

10CVSS7.6AI score0.83544EPSS

CVE•added 2013/09/16 1:1 p.m.•124 views

CVE-2013-4812

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code ...

10CVSS7.5AI score0.73996EPSS

CVE•added 2013/09/16 1:1 p.m.•41 views

CVE-2013-4809

Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.

7.5CVSS8.6AI score0.00863EPSS

CVE•added 2013/09/16 1:1 p.m.•37 views

CVE-2013-4813

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

10CVSS7.6AI score0.06402EPSS