Search criteria
22 vulnerabilities found for operations_orchestration by hp
CVE-2018-6490 (GCVE-0-2018-6490)
Vulnerability from nvd – Published: 2018-03-02 01:00 – Updated: 2024-09-17 02:41
VLAI?
Title
MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)
Summary
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
Severity ?
5.9 (Medium)
CWE
- Denial of Service (DoS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Operations Orchestration Software |
Affected:
10.x
|
Credits
Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Operations Orchestration Software",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "10.x"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
}
],
"datePublic": "2018-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
}
],
"exploits": [
{
"lang": "en",
"value": "Denial of Service (DoS)"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-03-01T21:00:00.000Z",
"ID": "CVE-2018-6490",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Operations Orchestration Software",
"version": {
"version_data": [
{
"version_value": "10.x"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Denial of Service (DoS)"
}
],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-6490",
"datePublished": "2018-03-02T01:00:00Z",
"dateReserved": "2018-02-01T00:00:00",
"dateUpdated": "2024-09-17T02:41:41.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8519 (GCVE-0-2016-8519)
Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 19:40
VLAI?
Summary
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | Operations Orchestration |
Affected:
˜
Affected: Community and Enterprise editions prior to v10.70 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037552"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Operations Orchestration",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "\u0026#x98"
},
{
"status": "affected",
"version": "Community and Enterprise editions prior to v10.70"
}
]
}
],
"datePublic": "2017-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037552"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95225"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-03T00:00:00",
"ID": "CVE-2016-8519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Operations Orchestration",
"version": {
"version_data": [
{
"version_value": "\u0026#x98"
},
{
"version_value": "Community and Enterprise editions prior to v10.70"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2017-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037552"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95225"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8519",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-09-16T19:40:09.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8994 (GCVE-0-2017-8994)
Vulnerability from nvd – Published: 2017-10-10 21:00 – Updated: 2024-09-16 22:03
VLAI?
Summary
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | HPE Operations Orchestration |
Affected:
All versions prior to 10.80
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:21.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Operations Orchestration",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All versions prior to 10.80"
}
]
}
],
"datePublic": "2017-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-08T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-08-30T00:00:00",
"ID": "CVE-2017-8994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Operations Orchestration",
"version": {
"version_data": [
{
"version_value": "All versions prior to 10.80"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-28",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-25",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-8994",
"datePublished": "2017-10-10T21:00:00Z",
"dateReserved": "2017-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:03:21.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1997 (GCVE-0-2016-1997)
Vulnerability from nvd – Published: 2016-03-22 10:00 – Updated: 2024-08-05 23:17
VLAI?
Summary
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:49.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1997",
"datePublished": "2016-03-22T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:49.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5451 (GCVE-0-2015-5451)
Vulnerability from nvd – Published: 2015-11-23 02:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T22:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1034177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-5451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034177",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034177"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-5451",
"datePublished": "2015-11-23T02:00:00",
"dateReserved": "2015-07-07T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2109 (GCVE-0-2015-2109)
Vulnerability from nvd – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03292",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU03292",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03292",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2109",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2108 (GCVE-0-2015-2108)
Vulnerability from nvd – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101980",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101980",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101980",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2108",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6192 (GCVE-0-2013-6192)
Vulnerability from nvd – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-06T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-6192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101342",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-6192",
"datePublished": "2013-12-17T02:00:00",
"dateReserved": "2013-10-21T00:00:00",
"dateUpdated": "2024-08-06T17:29:42.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6191 (GCVE-0-2013-6191)
Vulnerability from nvd – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:43.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-06T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-6191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101342",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-6191",
"datePublished": "2013-12-17T02:00:00",
"dateReserved": "2013-10-21T00:00:00",
"dateUpdated": "2024-08-06T17:29:43.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3258 (GCVE-0-2012-3258)
Vulnerability from nvd – Published: 2012-09-19 01:00 – Updated: 2024-08-06 19:57
VLAI?
Summary
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02813",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02813",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-3258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02813",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-3258",
"datePublished": "2012-09-19T01:00:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3985 (GCVE-0-2010-3985)
Vulnerability from nvd – Published: 2010-10-26 18:00 – Updated: 2024-08-07 03:26
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44331",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68906"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "44331",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68906"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"refsource": "OSVDB",
"url": "http://osvdb.org/68906"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3985",
"datePublished": "2010-10-26T18:00:00",
"dateReserved": "2010-10-18T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6490 (GCVE-0-2018-6490)
Vulnerability from cvelistv5 – Published: 2018-03-02 01:00 – Updated: 2024-09-17 02:41
VLAI?
Title
MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)
Summary
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
Severity ?
5.9 (Medium)
CWE
- Denial of Service (DoS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | Operations Orchestration Software |
Affected:
10.x
|
Credits
Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Operations Orchestration Software",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "10.x"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
}
],
"datePublic": "2018-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
}
],
"exploits": [
{
"lang": "en",
"value": "Denial of Service (DoS)"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:36",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2018-03-01T21:00:00.000Z",
"ID": "CVE-2018-6490",
"STATE": "PUBLIC",
"TITLE": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Operations Orchestration Software",
"version": {
"version_data": [
{
"version_value": "10.x"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Denial of Service (DoS)"
}
],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-05"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2018-6490",
"datePublished": "2018-03-02T01:00:00Z",
"dateReserved": "2018-02-01T00:00:00",
"dateUpdated": "2024-09-17T02:41:41.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8519 (GCVE-0-2016-8519)
Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 19:40
VLAI?
Summary
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise | Operations Orchestration |
Affected:
˜
Affected: Community and Enterprise editions prior to v10.70 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037552"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Operations Orchestration",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "\u0026#x98"
},
{
"status": "affected",
"version": "Community and Enterprise editions prior to v10.70"
}
]
}
],
"datePublic": "2017-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037552"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95225"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-03T00:00:00",
"ID": "CVE-2016-8519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Operations Orchestration",
"version": {
"version_data": [
{
"version_value": "\u0026#x98"
},
{
"version_value": "Community and Enterprise editions prior to v10.70"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2017-05",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-05"
},
{
"name": "1037552",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037552"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
},
{
"name": "95225",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95225"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8519",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-09-16T19:40:09.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8994 (GCVE-0-2017-8994)
Vulnerability from cvelistv5 – Published: 2017-10-10 21:00 – Updated: 2024-09-16 22:03
VLAI?
Summary
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus | HPE Operations Orchestration |
Affected:
All versions prior to 10.80
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:55:21.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE Operations Orchestration",
"vendor": "Micro Focus",
"versions": [
{
"status": "affected",
"version": "All versions prior to 10.80"
}
]
}
],
"datePublic": "2017-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-08T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-08-30T00:00:00",
"ID": "CVE-2017-8994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE Operations Orchestration",
"version": {
"version_data": [
{
"version_value": "All versions prior to 10.80"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-28",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-28"
},
{
"name": "https://www.tenable.com/security/research/tra-2017-25",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-25"
},
{
"name": "100588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-8994",
"datePublished": "2017-10-10T21:00:00Z",
"dateReserved": "2017-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:03:21.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1997 (GCVE-0-2016-1997)
Vulnerability from cvelistv5 – Published: 2016-03-22 10:00 – Updated: 2024-08-05 23:17
VLAI?
Summary
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:49.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1997",
"datePublished": "2016-03-22T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:49.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5451 (GCVE-0-2015-5451)
Vulnerability from cvelistv5 – Published: 2015-11-23 02:00 – Updated: 2024-08-06 06:50
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:50:02.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T22:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1034177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-5451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034177",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034177"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-5451",
"datePublished": "2015-11-23T02:00:00",
"dateReserved": "2015-07-07T00:00:00",
"dateUpdated": "2024-08-06T06:50:02.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2108 (GCVE-0-2015-2108)
Vulnerability from cvelistv5 – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101980",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101980",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101980",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "HPSBMU03291",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
},
{
"name": "1031987",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031987"
},
{
"name": "73320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2108",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2109 (GCVE-0-2015-2109)
Vulnerability from cvelistv5 – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03292",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-28T20:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU03292",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03292",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "SSRT101981",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
},
{
"name": "73323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2109",
"datePublished": "2015-03-31T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6191 (GCVE-0-2013-6191)
Vulnerability from cvelistv5 – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:43.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-06T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-6191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101342",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-6191",
"datePublished": "2013-12-17T02:00:00",
"dateReserved": "2013-10-21T00:00:00",
"dateUpdated": "2024-08-06T17:29:43.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6192 (GCVE-0-2013-6192)
Vulnerability from cvelistv5 – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-06T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101342",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-6192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101342",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "HPSBGN02951",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
},
{
"name": "1029496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-6192",
"datePublished": "2013-12-17T02:00:00",
"dateReserved": "2013-10-21T00:00:00",
"dateUpdated": "2024-08-06T17:29:42.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3258 (GCVE-0-2012-3258)
Vulnerability from cvelistv5 – Published: 2012-09-19 01:00 – Updated: 2024-08-06 19:57
VLAI?
Summary
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02813",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02813",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-3258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02813",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
},
{
"name": "hp-oo-code-execution(78621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
},
{
"name": "55594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55594"
},
{
"name": "SSRT100712",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-3258",
"datePublished": "2012-09-19T01:00:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3985 (GCVE-0-2010-3985)
Vulnerability from cvelistv5 – Published: 2010-10-26 18:00 – Updated: 2024-08-07 03:26
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44331",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68906"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "44331",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68906"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44331"
},
{
"name": "41983",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41983"
},
{
"name": "hp-orchestration-unspec-xss(62727)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
},
{
"name": "ADV-2010-2760",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2760"
},
{
"name": "HPSBMA02588",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "SSRT100001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
},
{
"name": "68906",
"refsource": "OSVDB",
"url": "http://osvdb.org/68906"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3985",
"datePublished": "2010-10-26T18:00:00",
"dateReserved": "2010-10-18T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}