Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for openview_performance_insight by hp

    CVE-2011-2410 (GCVE-0-2011-2410)

    Vulnerability from nvd – Published: 2011-08-19 17:00 – Updated: 2024-09-16 20:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.822Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-19T17:00:00.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2410",
        "datePublished": "2011-08-19T17:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:07:35.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2407 (GCVE-0-2011-2407)

    Vulnerability from nvd – Published: 2011-08-11 22:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://securityreason.com/securityalert/8333 third-party-advisoryx_refsource_SREASON
    http://marc.info/?l=bugtraq&m=131292748121409&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/49096 vdb-entryx_refsource_BID
    Date Public
    2011-08-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.797Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8333",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8333"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "49096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49096"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-08-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-03-16T17:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "8333",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8333"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "49096",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49096"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2407",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8333",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8333"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "49096",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49096"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2407",
        "datePublished": "2011-08-11T22:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:33.797Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2406 (GCVE-0-2011-2406)

    Vulnerability from nvd – Published: 2011-08-11 22:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://securityreason.com/securityalert/8333 third-party-advisoryx_refsource_SREASON
    http://marc.info/?l=bugtraq&m=131292748121409&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/49096 vdb-entryx_refsource_BID
    Date Public
    2011-08-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.839Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8333",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8333"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "49096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49096"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-08-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-03-16T17:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "8333",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8333"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "49096",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49096"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2406",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8333",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8333"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "49096",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49096"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2406",
        "datePublished": "2011-08-11T22:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:33.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0276 (GCVE-0-2011-0276)

    Vulnerability from nvd – Published: 2011-02-02 00:00 – Updated: 2024-08-06 21:51
    VLAI
    Summary
    HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://osvdb.org/70754 vdb-entryx_refsource_OSVDB
    http://www.zerodayinitiative.com/advisories/ZDI-11-034 x_refsource_MISC
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/archive/1/516093/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/8136 third-party-advisoryx_refsource_SREASON
    http://www.exploit-db.com/exploits/16984 exploitx_refsource_EXPLOIT-DB
    http://www.securitytracker.com/id?1025014 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/43145 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2011/0258 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/46079 vdb-entryx_refsource_BID
    Date Public
    2011-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:51:07.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "70754",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70754"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
              },
              {
                "name": "SSRT090246",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
              },
              {
                "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
              },
              {
                "name": "HPSBMA02627",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
              },
              {
                "name": "8136",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8136"
              },
              {
                "name": "16984",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/16984"
              },
              {
                "name": "1025014",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025014"
              },
              {
                "name": "openview-dopost-code-execution(65038)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
              },
              {
                "name": "43145",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43145"
              },
              {
                "name": "ADV-2011-0258",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0258"
              },
              {
                "name": "46079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46079"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a \"hidden account\" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "70754",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70754"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
            },
            {
              "name": "SSRT090246",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
            },
            {
              "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
            },
            {
              "name": "HPSBMA02627",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
            },
            {
              "name": "8136",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8136"
            },
            {
              "name": "16984",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/16984"
            },
            {
              "name": "1025014",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025014"
            },
            {
              "name": "openview-dopost-code-execution(65038)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
            },
            {
              "name": "43145",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43145"
            },
            {
              "name": "ADV-2011-0258",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0258"
            },
            {
              "name": "46079",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46079"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-0276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a \"hidden account\" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "70754",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70754"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-034",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
                },
                {
                  "name": "SSRT090246",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
                },
                {
                  "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
                },
                {
                  "name": "HPSBMA02627",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
                },
                {
                  "name": "8136",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8136"
                },
                {
                  "name": "16984",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/16984"
                },
                {
                  "name": "1025014",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025014"
                },
                {
                  "name": "openview-dopost-code-execution(65038)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
                },
                {
                  "name": "43145",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43145"
                },
                {
                  "name": "ADV-2011-0258",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0258"
                },
                {
                  "name": "46079",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46079"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-0276",
        "datePublished": "2011-02-02T00:00:00.000Z",
        "dateReserved": "2010-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:51:07.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0447 (GCVE-0-2010-0447)

    Vulnerability from nvd – Published: 2010-03-10 22:00 – Updated: 2024-08-07 00:52
    VLAI
    Summary
    The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securityfocus.com/archive/1/509984/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/38899 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/38611 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.zerodayinitiative.com/advisories/ZDI-10-026 x_refsource_MISC
    http://osvdb.org/62797 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=bugtraq&m=126815897824020&w=2 vendor-advisoryx_refsource_HP
    http://www.vupen.com/english/advisories/2010/0555 vdb-entryx_refsource_VUPEN
    Date Public
    2010-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:52:17.350Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
              },
              {
                "name": "38899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38899"
              },
              {
                "name": "38611",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38611"
              },
              {
                "name": "hp-performance-unspec-command-exec(56757)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
              },
              {
                "name": "62797",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/62797"
              },
              {
                "name": "HPSBMA02489",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
              },
              {
                "name": "SSRT090065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
              },
              {
                "name": "ADV-2010-0555",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0555"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
            },
            {
              "name": "38899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38899"
            },
            {
              "name": "38611",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38611"
            },
            {
              "name": "hp-performance-unspec-command-exec(56757)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
            },
            {
              "name": "62797",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/62797"
            },
            {
              "name": "HPSBMA02489",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
            },
            {
              "name": "SSRT090065",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
            },
            {
              "name": "ADV-2010-0555",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0555"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2010-0447",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
                },
                {
                  "name": "38899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38899"
                },
                {
                  "name": "38611",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38611"
                },
                {
                  "name": "hp-performance-unspec-command-exec(56757)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-026",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
                },
                {
                  "name": "62797",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/62797"
                },
                {
                  "name": "HPSBMA02489",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
                },
                {
                  "name": "SSRT090065",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
                },
                {
                  "name": "ADV-2010-0555",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0555"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2010-0447",
        "datePublished": "2010-03-10T22:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:52:17.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2410 (GCVE-0-2011-2410)

    Vulnerability from cvelistv5 – Published: 2011-08-19 17:00 – Updated: 2024-09-16 20:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.822Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-19T17:00:00.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02942411"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2410",
        "datePublished": "2011-08-19T17:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:07:35.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2407 (GCVE-0-2011-2407)

    Vulnerability from cvelistv5 – Published: 2011-08-11 22:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://securityreason.com/securityalert/8333 third-party-advisoryx_refsource_SREASON
    http://marc.info/?l=bugtraq&m=131292748121409&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/49096 vdb-entryx_refsource_BID
    Date Public
    2011-08-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.797Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8333",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8333"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "49096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49096"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-08-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-03-16T17:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "8333",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8333"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "49096",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49096"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2407",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8333",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8333"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "49096",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49096"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2407",
        "datePublished": "2011-08-11T22:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:33.797Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2406 (GCVE-0-2011-2406)

    Vulnerability from cvelistv5 – Published: 2011-08-11 22:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://securityreason.com/securityalert/8333 third-party-advisoryx_refsource_SREASON
    http://marc.info/?l=bugtraq&m=131292748121409&w=2 vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/49096 vdb-entryx_refsource_BID
    Date Public
    2011-08-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:33.839Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8333",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8333"
              },
              {
                "name": "SSRT100480",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "HPSBMU02695",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
              },
              {
                "name": "49096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49096"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-08-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-03-16T17:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "8333",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8333"
            },
            {
              "name": "SSRT100480",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "HPSBMU02695",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
            },
            {
              "name": "49096",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49096"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-2406",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8333",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8333"
                },
                {
                  "name": "SSRT100480",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "HPSBMU02695",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=131292748121409\u0026w=2"
                },
                {
                  "name": "49096",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49096"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-2406",
        "datePublished": "2011-08-11T22:00:00.000Z",
        "dateReserved": "2011-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:33.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0276 (GCVE-0-2011-0276)

    Vulnerability from cvelistv5 – Published: 2011-02-02 00:00 – Updated: 2024-08-06 21:51
    VLAI
    Summary
    HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://osvdb.org/70754 vdb-entryx_refsource_OSVDB
    http://www.zerodayinitiative.com/advisories/ZDI-11-034 x_refsource_MISC
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/archive/1/516093/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/8136 third-party-advisoryx_refsource_SREASON
    http://www.exploit-db.com/exploits/16984 exploitx_refsource_EXPLOIT-DB
    http://www.securitytracker.com/id?1025014 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/43145 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2011/0258 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/46079 vdb-entryx_refsource_BID
    Date Public
    2011-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:51:07.859Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "70754",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70754"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
              },
              {
                "name": "SSRT090246",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
              },
              {
                "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
              },
              {
                "name": "HPSBMA02627",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
              },
              {
                "name": "8136",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8136"
              },
              {
                "name": "16984",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/16984"
              },
              {
                "name": "1025014",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025014"
              },
              {
                "name": "openview-dopost-code-execution(65038)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
              },
              {
                "name": "43145",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43145"
              },
              {
                "name": "ADV-2011-0258",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0258"
              },
              {
                "name": "46079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46079"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a \"hidden account\" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "70754",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70754"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
            },
            {
              "name": "SSRT090246",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
            },
            {
              "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
            },
            {
              "name": "HPSBMA02627",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
            },
            {
              "name": "8136",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8136"
            },
            {
              "name": "16984",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/16984"
            },
            {
              "name": "1025014",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025014"
            },
            {
              "name": "openview-dopost-code-execution(65038)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
            },
            {
              "name": "43145",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43145"
            },
            {
              "name": "ADV-2011-0258",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0258"
            },
            {
              "name": "46079",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46079"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2011-0276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a \"hidden account\" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "70754",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70754"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-034",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-034"
                },
                {
                  "name": "SSRT090246",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
                },
                {
                  "name": "20110131 ZDI-11-034: HP OpenView Performance Insight Server Backdoor Account Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516093/100/0/threaded"
                },
                {
                  "name": "HPSBMA02627",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453"
                },
                {
                  "name": "8136",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8136"
                },
                {
                  "name": "16984",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/16984"
                },
                {
                  "name": "1025014",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025014"
                },
                {
                  "name": "openview-dopost-code-execution(65038)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65038"
                },
                {
                  "name": "43145",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43145"
                },
                {
                  "name": "ADV-2011-0258",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0258"
                },
                {
                  "name": "46079",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46079"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2011-0276",
        "datePublished": "2011-02-02T00:00:00.000Z",
        "dateReserved": "2010-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:51:07.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-0447 (GCVE-0-2010-0447)

    Vulnerability from cvelistv5 – Published: 2010-03-10 22:00 – Updated: 2024-08-07 00:52
    VLAI
    Summary
    The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securityfocus.com/archive/1/509984/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/38899 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/38611 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.zerodayinitiative.com/advisories/ZDI-10-026 x_refsource_MISC
    http://osvdb.org/62797 vdb-entryx_refsource_OSVDB
    http://marc.info/?l=bugtraq&m=126815897824020&w=2 vendor-advisoryx_refsource_HP
    http://www.vupen.com/english/advisories/2010/0555 vdb-entryx_refsource_VUPEN
    Date Public
    2010-03-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:52:17.350Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
              },
              {
                "name": "38899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38899"
              },
              {
                "name": "38611",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38611"
              },
              {
                "name": "hp-performance-unspec-command-exec(56757)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
              },
              {
                "name": "62797",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/62797"
              },
              {
                "name": "HPSBMA02489",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
              },
              {
                "name": "SSRT090065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
              },
              {
                "name": "ADV-2010-0555",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0555"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
            },
            {
              "name": "38899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38899"
            },
            {
              "name": "38611",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38611"
            },
            {
              "name": "hp-performance-unspec-command-exec(56757)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
            },
            {
              "name": "62797",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/62797"
            },
            {
              "name": "HPSBMA02489",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
            },
            {
              "name": "SSRT090065",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
            },
            {
              "name": "ADV-2010-0555",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0555"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2010-0447",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20100309 ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509984/100/0/threaded"
                },
                {
                  "name": "38899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38899"
                },
                {
                  "name": "38611",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38611"
                },
                {
                  "name": "hp-performance-unspec-command-exec(56757)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56757"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-026",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-026"
                },
                {
                  "name": "62797",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/62797"
                },
                {
                  "name": "HPSBMA02489",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
                },
                {
                  "name": "SSRT090065",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=126815897824020\u0026w=2"
                },
                {
                  "name": "ADV-2010-0555",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0555"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2010-0447",
        "datePublished": "2010-03-10T22:00:00.000Z",
        "dateReserved": "2010-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:52:17.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }