Sitescope Security Vulnerabilities and Issues — Sitescope CVE List

Lucene search

HpSitescope

23 matches found

CVE•added 2013/11/04 4:55 p.m.•138 views

CVE-2013-4835

The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.

7.5CVSS7.7AI score0.79304EPSS

CVE•added 2013/07/31 1:20 p.m.•120 views

CVE-2013-2367

Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.

10CVSS7.7AI score0.83849EPSS

CVE•added 2020/02/04 9:15 p.m.•68 views

CVE-2015-2802

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the T...

7.5CVSS7.3AI score0.02152EPSS

CVE•added 2008/10/21 6:0 p.m.•56 views

CVE-2007-4350

Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message.

4.3CVSS5.6AI score0.00795EPSS

CVE•added 2011/07/29 8:55 p.m.•50 views

CVE-2011-2400

Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00824EPSS

CVE•added 2018/02/15 10:29 p.m.•49 views

CVE-2017-8950

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

5.5CVSS6.3AI score0.00597EPSS

CVE•added 2012/09/25 11:7 a.m.•48 views

CVE-2012-3262

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

10CVSS7.8AI score0.24213EPSS

CVE•added 2012/09/25 11:7 a.m.•47 views

CVE-2012-3261

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

10CVSS7.6AI score0.68581EPSS

CVE•added 2018/02/15 10:29 p.m.•47 views

CVE-2017-8949

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

5.5CVSS6.3AI score0.00255EPSS

CVE•added 2012/09/25 11:7 a.m.•46 views

CVE-2012-3259

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.

10CVSS7.8AI score0.346EPSS

CVE•added 2012/09/25 11:7 a.m.•46 views

CVE-2012-3263

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.

10CVSS7.8AI score0.24213EPSS

CVE•added 2012/09/25 11:7 a.m.•45 views

CVE-2012-3260

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

10CVSS7.8AI score0.68581EPSS

CVE•added 2015/05/25 2:59 p.m.•45 views

CVE-2015-2120

Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.

8.7CVSS6.5AI score0.01416EPSS

CVE•added 2017/09/30 1:29 a.m.•45 views

CVE-2017-14349

An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.

9.8CVSS9.3AI score0.00759EPSS

CVE•added 2018/02/15 10:29 p.m.•44 views

CVE-2017-8952

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

7.5CVSS7.4AI score0.02598EPSS

CVE•added 2011/05/03 8:55 p.m.•42 views

CVE-2011-1726

Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.6AI score0.01198EPSS

CVE•added 2014/07/07 11:1 a.m.•42 views

CVE-2014-2614

Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.

7.5CVSS6.9AI score0.01037EPSS

CVE•added 2014/03/11 1:1 p.m.•41 views

CVE-2013-6207

Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.

9.4CVSS6.9AI score0.02464EPSS

CVE•added 2012/09/25 11:7 a.m.•40 views

CVE-2012-3264

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472.

7.5CVSS7.8AI score0.066EPSS

CVE•added 2011/07/29 8:55 p.m.•39 views

CVE-2011-2401

Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors.

8.3CVSS6.7AI score0.01161EPSS

CVE•added 2015/02/02 1:59 a.m.•39 views

CVE-2014-7882

Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors.

5.5CVSS6.6AI score0.0037EPSS

CVE•added 2011/05/03 8:55 p.m.•38 views

CVE-2011-1727

Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue.

4.3CVSS5.7AI score0.01071EPSS

CVE•added 2018/02/15 10:29 p.m.•38 views

CVE-2017-8951

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

7.8CVSS7.5AI score0.00404EPSS