Lucene search
K
HpOperations Orchestration

11 matches found

CVE
CVE
added 2017/10/10 9:0 p.m.69 views

CVE-2017-8994

CVE-2017-8994 affects HP Operations Orchestration versions before 10.80. The vulnerability enables remote code execution via deserialization of untrusted data, supported by multiple advisories (insecure/deserialization in central-remoting and backwards-compatibility servlets; WS execution bridge ...

9.8CVSS9.4AI score0.0984EPSS
CVE
CVE
added 2018/03/02 1:0 a.m.54 views

CVE-2018-6490

CVE-2018-6490 affects Micro Focus Operations Orchestration Software, specifically the 10.x line, with a remote Denial of Service vulnerability. The NVD entry documents a network-accessible DoS risk (CVSS v3 base 7.5, HIGH) and a second CVSS v2 assessment (base 7.8, HIGH); the disclosure notes rem...

7.8CVSS6.4AI score0.02624EPSS
CVE
CVE
added 2015/03/31 10:0 a.m.52 views

CVE-2015-2109

CVE-2015-2109 affects HP Operations Orchestration 10.x where an authentication bypass vulnerability exists due to an unspecified flaw. Public documents show affected versions are HP O.O. 10.x prior to 10.21 (per Tenable NASL reference) and HP security bulletin HPSBMU03292 rev.1 (SSRT101981) confi...

7.5CVSS6.4AI score0.04111EPSS
CVE
CVE
added 2015/03/31 10:0 a.m.50 views

CVE-2015-2108

HP Operations Orchestration (HP O.O.) versions 9.x and 10.x are affected by CVE-2015-2108, an information-disclosure vulnerability exploitable via PowerShell operations. The issue allows remote authenticated users to obtain sensitive information; exact vectors are not publicly detailed in the pro...

3.5CVSS5.9AI score0.01943EPSS
CVE
CVE
added 2013/12/17 2:0 a.m.49 views

CVE-2013-6191

HP Operations Orchestration (OO) before version 9 is vulnerable to Cross-Site Scripting (XSS) via unspecified vectors, enabling potential manipulation of web content. The issue is documented as CVE-2013-6191 and is addressed by HP with patch v9.07.0004. The cited bulletin notes XSS/CSRF risks for...

4.3CVSS5.8AI score0.02491EPSS
CVE
CVE
added 2013/12/17 2:0 a.m.47 views

CVE-2013-6192

HP Operations Orchestration is affected by CVE-2013-6192 through CSRF in versions earlier than 9, which could allow remote attackers to hijack user sessions via unknown vectors. The vulnerability is documented with a base CVSS-like impact as partial impact to confidentiality, integrity, and avail...

6.8CVSS7.2AI score0.00968EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.47 views

CVE-2016-8519

CVE-2016-8519 describes a remote code execution vulnerability in Hewlett Packard Enterprise Operations Orchestration (HPE OOE) Community and Enterprise editions, prior to version 10.70. The flaw resides in the wsExecutionBridgeService servlet, where improper validation of user-supplied data and i...

10CVSS9.7AI score0.28051EPSS
CVE
CVE
added 2012/09/19 1:0 a.m.44 views

CVE-2012-3258

CVE-2012-3258 affects HP Operations Orchestration version 9.0 prior to 9.03, enabling remote execution of arbitrary code via unknown vectors. The HP Security Bulletin SSRT100712 (HPSBMU02813) confirms remote code execution potential and lists patch 9.03 as the fix, with later patches (e.g., 9.05)...

10CVSS7.9AI score0.09921EPSS
CVE
CVE
added 2015/11/23 2:0 a.m.44 views

CVE-2015-5451

HP Operations Orchestration Central 10.x before 10.22.001 is affected by an unspecified CSRF (XSRF) vulnerability that can allow an attacker to hijack the authentication of unspecified victims via unknown vectors. The affected product is HP OO 10.x; remediation approaches in the connected documen...

6.8CVSS7.3AI score0.01495EPSS
CVE
CVE
added 2016/03/22 10:0 a.m.43 views

CVE-2016-1997

CVE-2016-1997 affects HPE Operations Orchestration 10.x before 10.51 and related content before 1.7.0, due to unsafe deserialization of crafted Java objects via the Apache Commons Collections library. This leads to remote code execution by an unauthenticated attacker. Affected component is the Or...

10CVSS9.6AI score0.06689EPSS
CVE
CVE
added 2010/10/26 6:0 p.m.35 views

CVE-2010-3985

HP Operations Orchestration (pre-9.0) contains an XSS vulnerability when used with Internet Explorer 6. The issue allows remote attackers to inject arbitrary script or HTML via unspecified vectors. Base CVSSv2 score ~4.3 (Medium) with network access, no authentication, and partial integrity impac...

4.3CVSS5.8AI score0.02006EPSS