Lucene search
K
HpOperations Manager

9 matches found

CVE
CVE
added 2009/11/24 12:0 a.m.329 views

CVE-2009-3843

CVE-2009-3843 : The HP Operations Manager 8.10 on Windows is reported to contain a hidden Tomcat user account in an XML file. This enables a remote attacker to perform an unrestricted file upload via /manager/html/upload and execute arbitrary code. Connected sources reference Tomcat manager uploa...

10CVSS9.6AI score0.78968EPSS
In wildWeb
CVE
CVE
added 2014/10/10 1:0 a.m.211 views

CVE-2014-2648

CVE-2014-2648 affects HP Operations Manager for UNIX versions 9.10 and 9.11, with a remote code execution vulnerability reported by HP/HP Security Bulletin HPSBMU03127. The exact attack vectors are not detailed in the provided documents, but the vulnerability allows an unauthenticated remote atta...

10CVSS7.8AI score0.08859EPSS
CVE
CVE
added 2009/12/03 5:0 p.m.101 views

CVE-2009-4189

CVE-2009-4189 : HP Operations Manager uses a default OvWebusr password for the ovwebusr account, enabling a remote attacker to trigger arbitrary code execution via the Tomcat manager servlet’s session with the manager role. Note that this CVE may overlap with CVE-2009-3099 and CVE-2009-3843. Expl...

10CVSS7.5AI score0.78531EPSS
CVE
CVE
added 2009/09/08 6:0 p.m.93 views

CVE-2009-3099

Technical details for CVE-2009-3099 are not publicly available in the provided documents; no affected products, vectors, or fixes are disclosed. Monitor for updates.

10CVSS6.4AI score0.09569EPSS
CVE
CVE
added 2014/10/10 1:0 a.m.60 views

CVE-2014-2649

HP Operations Manager for UNIX (HP-UX) versions 9.10, 9.11 and 9.20 are identified as affected by CVE-2014-2649, a remote code execution vulnerability. The vulnerability is described as unspecified in vectors, enabling an unauthenticated attacker to execute arbitrary code on a remote host. HP’s s...

7.5CVSS7.8AI score0.06378EPSS
CVE
CVE
added 2010/04/21 2:0 p.m.56 views

CVE-2010-1033

CVE-2010-1033 affects HP Operations Manager for Windows (versions 7.5, 8.10, 8.16) via a vulnerability in the SourceView ActiveX controls (srcvw32.dll and srcvw4.dll). The issue is described as multiple stack-based buffer overflows triggered by long strings passed to LoadFile or SaveFile, enablin...

9.3CVSS7.8AI score0.13385EPSS
CVE
CVE
added 2016/01/30 3:0 p.m.47 views

CVE-2016-1985

CVE-2016-1985 affects HPE Operations Manager 8.x and 9.0 on Windows. The vulnerability is due to unsafe deserialization of crafted Java objects via Apache Commons Collections, enabling remote code execution when processing a crafted serialized payload (e.g., via SOAP). The CVSS metrics in the pro...

10CVSS9.6AI score0.06632EPSS
CVE
CVE
added 2016/08/01 1:0 a.m.43 views

CVE-2016-4373

The CVE-2016-4373 entry concerns the AdminUI of HP Operations Manager (OM) before 9.21.130 on Linux/Unix/Solaris. It allows remote attackers to execute arbitrary commands by sending a crafted serialized Java object related to the Apache Commons Collections (ACC) library, i.e., remote code executi...

9.8CVSS9.6AI score0.04378EPSS
CVE
CVE
added 2016/09/08 4:0 p.m.40 views

CVE-2016-4380

CVE-2016-4380 affects HPE Operations Manager (AdminUI) 9.21.x prior to 9.21.130. Description: Cross-site scripting (XSS) vulnerability in the AdminUI that allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Root cause: inadequate input handling in the...

5.4CVSS5AI score0.0084EPSS