Filtered by vendor Hp
Subscribe
Total
2472 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7076 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04. | |||||
| CVE-2018-7075 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version. | |||||
| CVE-2018-7074 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version. | |||||
| CVE-2018-7073 | 2 Canonical, Hp | 2 Ubuntu Linux, Moonshot Provisioning Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | |||||
| CVE-2018-7072 | 1 Hp | 1 Moonshot Provisioning Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | |||||
| CVE-2018-7071 | 1 Hp | 1 Network Function Virtualization Director | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3. | |||||
| CVE-2018-7070 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7069 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7068 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7059 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission. | |||||
| CVE-2018-7058 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent. | |||||
| CVE-2018-6653 | 2 Comforte, Hp | 2 Swap, Nonstop Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. | |||||
| CVE-2018-6505 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. | |||||
| CVE-2018-6503 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls. | |||||
| CVE-2018-6502 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS). | |||||
| CVE-2018-6501 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. | |||||
| CVE-2018-6500 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. | |||||
| CVE-2018-6493 | 1 Hp | 2 Network Automation, Network Operations Management Ultimate | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection. | |||||
| CVE-2018-6492 | 1 Hp | 2 Network Automation, Network Operations Management Ultimate | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
| Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection. | |||||
| CVE-2018-6490 | 1 Hp | 1 Operations Orchestration | 2024-11-21 | 7.8 HIGH | 5.9 MEDIUM |
| Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service. | |||||