Lucene search
K
HpUniversal Configuration Management Database

7 matches found

CVE
CVE
added 2015/02/15 8:0 p.m.153 views

CVE-2014-7883

CVE-2014-7883 affects HP Universal CMDB (UCMDB) Server/JMX Console. The vulnerability arises from access control that only protects GET/POST; an attacker can use HTTP HEAD to bypass authentication and add/obtain admin access. Public references show affected UCMDB versions (e.g., 10.10, with menti...

5CVSS6AI score0.37022EPSS
Web
CVE
CVE
added 2014/07/07 10:0 a.m.65 views

CVE-2014-2617

HP Universal CMDB versions 10.01 and 10.10 are affected by CVE-2014-2617, a remote code execution/ information disclosure vulnerability. The HP Security Bulletin HPSBMU03064 rev.1 attributes this to remote access with default configuration and, per companion advisories, hard-coded credentials tha...

10CVSS7.5AI score0.12235EPSS
CVE
CVE
added 2014/04/19 1:0 a.m.50 views

CVE-2013-6214

HP Universal Configuration Management Database (UCMDB) Integration Service (v9.05, v10.01, v10.10) contains an unspecified vulnerability that could allow remote authenticated users to disclose information via unknown vectors (ZDI-CAN-2042). The HP security bulletin (HPSBMU02988 rev.1, 2014-04-17)...

4CVSS5.9AI score0.01155EPSS
CVE
CVE
added 2014/04/19 9:0 p.m.47 views

CVE-2013-6215

HP Universal Configuration Management Database (CMDB) Integration Service vulnerability CVE-2013-6215 affects Integration Service components in HP UCMDB v10.01 and v10.10. The issue allows remote code execution via unknown vectors, reported as ZDI-CAN-1977. HP has provided patches to resolve the ...

8.5CVSS7.5AI score0.02594EPSS
CVE
CVE
added 2015/09/16 2:0 p.m.46 views

CVE-2015-5440

HP UCMDB local information disclosure (CVE-2015-5440) affects HP UCMDB server versions 10.00, 10.01 (pre-10.01CUP12), 10.10, 10.11 (pre-10.11CUP6), and 10.2x (pre-10.21). A local attacker can obtain sensitive information via unspecified vectors; HP lists exact patch versions: 10.01CUP12 for v10.0...

4.9CVSS5.8AI score0.00574EPSS
CVE
CVE
added 2014/07/07 10:0 a.m.44 views

CVE-2014-2615

HP Universal CMDB CVE-2014-2615 affects v10.01 and v10.10 with remote code execution and information disclosure (ZDI-CAN-2083). The related HP security bulletin HPSBMU03064 rev.1 states the vulnerabilities (CVE-2014-2615, -2616, -2617) could be exploited remotely to disclose information and execu...

7.5CVSS7.5AI score0.08129EPSS
CVE
CVE
added 2014/07/07 10:0 a.m.38 views

CVE-2014-2616

CVE-2014-2616 affects HP Universal CMDB versions 10.01 and 10.10. The vulnerability allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors (ZDI-CAN-2091); CVSS v2 base score 7.5 (NETWORK, LOW access complexity, NO authentication). HP’s security bulle...

7.5CVSS7.6AI score0.08129EPSS