Search

Find a vulnerability

Search criteria

    22 vulnerabilities found for operations_orchestration by hp

    CVE-2018-6490 (GCVE-0-2018-6490)

    Vulnerability from nvd – Published: 2018-03-02 01:00 – Updated: 2024-09-17 02:41
    VLAI
    Title
    MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)
    Summary
    Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
    CWE
    • Denial of Service (DoS)
    Assigner
    References
    Impacted products
    Date Public
    2018-03-01 00:00
    Credits
    Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2018-05"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Operations Orchestration Software",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
            }
          ],
          "datePublic": "2018-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Denial of Service (DoS)"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service (DoS)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:36.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2018-05"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2018-03-01T21:00:00.000Z",
              "ID": "CVE-2018-6490",
              "STATE": "PUBLIC",
              "TITLE": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Operations Orchestration Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.x"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Denial of Service (DoS)"
              }
            ],
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service (DoS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896",
                  "refsource": "CONFIRM",
                  "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2018-05",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2018-05"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-6490",
        "datePublished": "2018-03-02T01:00:00.000Z",
        "dateReserved": "2018-02-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:41:41.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8519 (GCVE-0-2016-8519)

    Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 19:40
    VLAI
    Summary
    A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    hpe
    References
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise Operations Orchestration Affected: &#x98
    Affected: Community and Enterprise editions prior to v10.70
    Create a notification for this product.
    Date Public
    2017-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:41.172Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-05"
              },
              {
                "name": "1037552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037552"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
              },
              {
                "name": "95225",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95225"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Operations Orchestration",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u0026#x98"
                },
                {
                  "status": "affected",
                  "version": "Community and Enterprise editions prior to v10.70"
                }
              ]
            }
          ],
          "datePublic": "2017-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-05"
            },
            {
              "name": "1037552",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037552"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
            },
            {
              "name": "95225",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95225"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-03T00:00:00",
              "ID": "CVE-2016-8519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Operations Orchestration",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u0026#x98"
                              },
                              {
                                "version_value": "Community and Enterprise editions prior to v10.70"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-05",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-05"
                },
                {
                  "name": "1037552",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037552"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
                },
                {
                  "name": "95225",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95225"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8519",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:40:09.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8994 (GCVE-0-2017-8994)

    Vulnerability from nvd – Published: 2017-10-10 21:00 – Updated: 2024-09-16 22:03
    VLAI
    Summary
    A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Micro Focus HPE Operations Orchestration Affected: All versions prior to 10.80
    Create a notification for this product.
    Date Public
    2017-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:55:21.628Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-28"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-25"
              },
              {
                "name": "100588",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/100588"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HPE Operations Orchestration",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 10.80"
                }
              ]
            }
          ],
          "datePublic": "2017-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-08T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-28"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-25"
            },
            {
              "name": "100588",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/100588"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-08-30T00:00:00",
              "ID": "CVE-2017-8994",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HPE Operations Orchestration",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 10.80"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us",
                  "refsource": "CONFIRM",
                  "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-28",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-28"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-25",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-25"
                },
                {
                  "name": "100588",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/100588"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2017-8994",
        "datePublished": "2017-10-10T21:00:00.000Z",
        "dateReserved": "2017-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:03:21.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-1997 (GCVE-0-2016-1997)

    Vulnerability from nvd – Published: 2016-03-22 10:00 – Updated: 2024-08-05 23:17
    VLAI
    Summary
    HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:17:49.387Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-29T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2016-1997",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545",
                  "refsource": "CONFIRM",
                  "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-1997",
        "datePublished": "2016-03-22T10:00:00.000Z",
        "dateReserved": "2016-01-22T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:17:49.387Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5451 (GCVE-0-2015-5451)

    Vulnerability from nvd – Published: 2015-11-23 02:00 – Updated: 2024-08-06 06:50
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securitytracker.com/id/1034177 vdb-entryx_refsource_SECTRACK
    https://h20564.www2.hpe.com/portal/site/hpsc/publ… x_refsource_CONFIRM
    Date Public
    2015-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:50:02.940Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1034177",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1034177"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-05T22:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "1034177",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1034177"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-5451",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1034177",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1034177"
                },
                {
                  "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110",
                  "refsource": "CONFIRM",
                  "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-5451",
        "datePublished": "2015-11-23T02:00:00.000Z",
        "dateReserved": "2015-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:50:02.940Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2109 (GCVE-0-2015-2109)

    Vulnerability from nvd – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
    VLAI
    Summary
    Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/hpsc/doc/public/displa… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/73323 vdb-entryx_refsource_BID
    Date Public
    2015-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:02:43.316Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU03292",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
              },
              {
                "name": "SSRT101981",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
              },
              {
                "name": "73323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73323"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-28T20:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU03292",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
            },
            {
              "name": "SSRT101981",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
            },
            {
              "name": "73323",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73323"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-2109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU03292",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
                },
                {
                  "name": "SSRT101981",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
                },
                {
                  "name": "73323",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73323"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-2109",
        "datePublished": "2015-03-31T10:00:00.000Z",
        "dateReserved": "2015-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:02:43.316Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2108 (GCVE-0-2015-2108)

    Vulnerability from nvd – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
    VLAI
    Summary
    Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/hpsc/doc/public/displa… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1031987 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/73320 vdb-entryx_refsource_BID
    Date Public
    2015-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:02:43.335Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101980",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
              },
              {
                "name": "HPSBMU03291",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
              },
              {
                "name": "1031987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1031987"
              },
              {
                "name": "73320",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-28T20:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101980",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
            },
            {
              "name": "HPSBMU03291",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
            },
            {
              "name": "1031987",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1031987"
            },
            {
              "name": "73320",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-2108",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101980",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
                },
                {
                  "name": "HPSBMU03291",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
                },
                {
                  "name": "1031987",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1031987"
                },
                {
                  "name": "73320",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-2108",
        "datePublished": "2015-03-31T10:00:00.000Z",
        "dateReserved": "2015-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:02:43.335Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6192 (GCVE-0-2013-6192)

    Vulnerability from nvd – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/portal/site/hpsc/publi… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1029496 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:29:42.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101342",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "HPSBGN02951",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "1029496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029496"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-06T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101342",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "HPSBGN02951",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "1029496",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029496"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2013-6192",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101342",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "HPSBGN02951",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "1029496",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029496"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2013-6192",
        "datePublished": "2013-12-17T02:00:00.000Z",
        "dateReserved": "2013-10-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:29:42.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6191 (GCVE-0-2013-6191)

    Vulnerability from nvd – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/portal/site/hpsc/publi… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1029496 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:29:43.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101342",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "HPSBGN02951",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "1029496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029496"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-06T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101342",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "HPSBGN02951",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "1029496",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029496"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2013-6191",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101342",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "HPSBGN02951",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "1029496",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029496"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2013-6191",
        "datePublished": "2013-12-17T02:00:00.000Z",
        "dateReserved": "2013-10-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:29:43.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3258 (GCVE-0-2012-3258)

    Vulnerability from nvd – Published: 2012-09-19 01:00 – Updated: 2024-08-06 19:57
    VLAI
    Summary
    Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    Date Public
    2012-09-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:57:50.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU02813",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
              },
              {
                "name": "hp-oo-code-execution(78621)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
              },
              {
                "name": "55594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55594"
              },
              {
                "name": "SSRT100712",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU02813",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
            },
            {
              "name": "hp-oo-code-execution(78621)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
            },
            {
              "name": "55594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55594"
            },
            {
              "name": "SSRT100712",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2012-3258",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU02813",
                  "refsource": "HP",
                  "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
                },
                {
                  "name": "hp-oo-code-execution(78621)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
                },
                {
                  "name": "55594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55594"
                },
                {
                  "name": "SSRT100712",
                  "refsource": "HP",
                  "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2012-3258",
        "datePublished": "2012-09-19T01:00:00.000Z",
        "dateReserved": "2012-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:57:50.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3985 (GCVE-0-2010-3985)

    Vulnerability from nvd – Published: 2010-10-26 18:00 – Updated: 2024-08-07 03:26
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securityfocus.com/bid/44331 vdb-entryx_refsource_BID
    http://secunia.com/advisories/41983 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2010/2760 vdb-entryx_refsource_VUPEN
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://osvdb.org/68906 vdb-entryx_refsource_OSVDB
    Date Public
    2010-10-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:26:12.471Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "44331",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44331"
              },
              {
                "name": "41983",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41983"
              },
              {
                "name": "hp-orchestration-unspec-xss(62727)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
              },
              {
                "name": "ADV-2010-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2760"
              },
              {
                "name": "HPSBMA02588",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
              },
              {
                "name": "SSRT100001",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
              },
              {
                "name": "68906",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68906"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "44331",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44331"
            },
            {
              "name": "41983",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41983"
            },
            {
              "name": "hp-orchestration-unspec-xss(62727)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
            },
            {
              "name": "ADV-2010-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2760"
            },
            {
              "name": "HPSBMA02588",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
            },
            {
              "name": "SSRT100001",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
            },
            {
              "name": "68906",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68906"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2010-3985",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "44331",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44331"
                },
                {
                  "name": "41983",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41983"
                },
                {
                  "name": "hp-orchestration-unspec-xss(62727)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
                },
                {
                  "name": "ADV-2010-2760",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2760"
                },
                {
                  "name": "HPSBMA02588",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
                },
                {
                  "name": "SSRT100001",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
                },
                {
                  "name": "68906",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68906"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2010-3985",
        "datePublished": "2010-10-26T18:00:00.000Z",
        "dateReserved": "2010-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:26:12.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6490 (GCVE-0-2018-6490)

    Vulnerability from cvelistv5 – Published: 2018-03-02 01:00 – Updated: 2024-09-17 02:41
    VLAI
    Title
    MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)
    Summary
    Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
    CWE
    • Denial of Service (DoS)
    Assigner
    References
    Impacted products
    Date Public
    2018-03-01 00:00
    Credits
    Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:49.173Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2018-05"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Operations Orchestration Software",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.x"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
            }
          ],
          "datePublic": "2018-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Denial of Service (DoS)"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service (DoS)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:36.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2018-05"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2018-03-01T21:00:00.000Z",
              "ID": "CVE-2018-6490",
              "STATE": "PUBLIC",
              "TITLE": "MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Operations Orchestration Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.x"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to thank Jacob Baines of Tenable for reporting this issue to security-alert@hpe.com"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Denial of Service (DoS)"
              }
            ],
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service (DoS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896",
                  "refsource": "CONFIRM",
                  "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2018-05",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2018-05"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-6490",
        "datePublished": "2018-03-02T01:00:00.000Z",
        "dateReserved": "2018-02-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:41:41.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8519 (GCVE-0-2016-8519)

    Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 19:40
    VLAI
    Summary
    A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    hpe
    References
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise Operations Orchestration Affected: &#x98
    Affected: Community and Enterprise editions prior to v10.70
    Create a notification for this product.
    Date Public
    2017-01-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:41.172Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-05"
              },
              {
                "name": "1037552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037552"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
              },
              {
                "name": "95225",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95225"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Operations Orchestration",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u0026#x98"
                },
                {
                  "status": "affected",
                  "version": "Community and Enterprise editions prior to v10.70"
                }
              ]
            }
          ],
          "datePublic": "2017-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-05"
            },
            {
              "name": "1037552",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037552"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
            },
            {
              "name": "95225",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95225"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-03T00:00:00",
              "ID": "CVE-2016-8519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Operations Orchestration",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u0026#x98"
                              },
                              {
                                "version_value": "Community and Enterprise editions prior to v10.70"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-05",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-05"
                },
                {
                  "name": "1037552",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037552"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944"
                },
                {
                  "name": "95225",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95225"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8519",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:40:09.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-8994 (GCVE-0-2017-8994)

    Vulnerability from cvelistv5 – Published: 2017-10-10 21:00 – Updated: 2024-09-16 22:03
    VLAI
    Summary
    A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Micro Focus HPE Operations Orchestration Affected: All versions prior to 10.80
    Create a notification for this product.
    Date Public
    2017-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:55:21.628Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-28"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tenable.com/security/research/tra-2017-25"
              },
              {
                "name": "100588",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/100588"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HPE Operations Orchestration",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 10.80"
                }
              ]
            }
          ],
          "datePublic": "2017-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-08T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-28"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tenable.com/security/research/tra-2017-25"
            },
            {
              "name": "100588",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/100588"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-08-30T00:00:00",
              "ID": "CVE-2017-8994",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HPE Operations Orchestration",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 10.80"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us",
                  "refsource": "CONFIRM",
                  "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03767en_us"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-28",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-28"
                },
                {
                  "name": "https://www.tenable.com/security/research/tra-2017-25",
                  "refsource": "MISC",
                  "url": "https://www.tenable.com/security/research/tra-2017-25"
                },
                {
                  "name": "100588",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/100588"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2017-8994",
        "datePublished": "2017-10-10T21:00:00.000Z",
        "dateReserved": "2017-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:03:21.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-1997 (GCVE-0-2016-1997)

    Vulnerability from cvelistv5 – Published: 2016-03-22 10:00 – Updated: 2024-08-05 23:17
    VLAI
    Summary
    HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2016-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:17:49.387Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-29T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2016-1997",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545",
                  "refsource": "CONFIRM",
                  "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-1997",
        "datePublished": "2016-03-22T10:00:00.000Z",
        "dateReserved": "2016-01-22T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:17:49.387Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5451 (GCVE-0-2015-5451)

    Vulnerability from cvelistv5 – Published: 2015-11-23 02:00 – Updated: 2024-08-06 06:50
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securitytracker.com/id/1034177 vdb-entryx_refsource_SECTRACK
    https://h20564.www2.hpe.com/portal/site/hpsc/publ… x_refsource_CONFIRM
    Date Public
    2015-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:50:02.940Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1034177",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1034177"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-12-05T22:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "1034177",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1034177"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-5451",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1034177",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1034177"
                },
                {
                  "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110",
                  "refsource": "CONFIRM",
                  "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04894110"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-5451",
        "datePublished": "2015-11-23T02:00:00.000Z",
        "dateReserved": "2015-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:50:02.940Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2108 (GCVE-0-2015-2108)

    Vulnerability from cvelistv5 – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
    VLAI
    Summary
    Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/hpsc/doc/public/displa… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1031987 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/73320 vdb-entryx_refsource_BID
    Date Public
    2015-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:02:43.335Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101980",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
              },
              {
                "name": "HPSBMU03291",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
              },
              {
                "name": "1031987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1031987"
              },
              {
                "name": "73320",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-28T20:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101980",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
            },
            {
              "name": "HPSBMU03291",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
            },
            {
              "name": "1031987",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1031987"
            },
            {
              "name": "73320",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-2108",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101980",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
                },
                {
                  "name": "HPSBMU03291",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417"
                },
                {
                  "name": "1031987",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1031987"
                },
                {
                  "name": "73320",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-2108",
        "datePublished": "2015-03-31T10:00:00.000Z",
        "dateReserved": "2015-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:02:43.335Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-2109 (GCVE-0-2015-2109)

    Vulnerability from cvelistv5 – Published: 2015-03-31 10:00 – Updated: 2024-08-06 05:02
    VLAI
    Summary
    Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/hpsc/doc/public/displa… vendor-advisoryx_refsource_HP
    http://www.securityfocus.com/bid/73323 vdb-entryx_refsource_BID
    Date Public
    2015-03-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:02:43.316Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU03292",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
              },
              {
                "name": "SSRT101981",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
              },
              {
                "name": "73323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/73323"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-03-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-28T20:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU03292",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
            },
            {
              "name": "SSRT101981",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
            },
            {
              "name": "73323",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/73323"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2015-2109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU03292",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
                },
                {
                  "name": "SSRT101981",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607"
                },
                {
                  "name": "73323",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/73323"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2015-2109",
        "datePublished": "2015-03-31T10:00:00.000Z",
        "dateReserved": "2015-02-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:02:43.316Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6191 (GCVE-0-2013-6191)

    Vulnerability from cvelistv5 – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/portal/site/hpsc/publi… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1029496 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:29:43.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101342",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "HPSBGN02951",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "1029496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029496"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-06T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101342",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "HPSBGN02951",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "1029496",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029496"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2013-6191",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101342",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "HPSBGN02951",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "1029496",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029496"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2013-6191",
        "datePublished": "2013-12-17T02:00:00.000Z",
        "dateReserved": "2013-10-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:29:43.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-6192 (GCVE-0-2013-6192)

    Vulnerability from cvelistv5 – Published: 2013-12-17 02:00 – Updated: 2024-08-06 17:29
    VLAI
    Summary
    Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    https://h20564.www2.hp.com/portal/site/hpsc/publi… vendor-advisoryx_refsource_HP
    http://www.securitytracker.com/id/1029496 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-12-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:29:42.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SSRT101342",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "HPSBGN02951",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
              },
              {
                "name": "1029496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1029496"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-12-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-06T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "SSRT101342",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "HPSBGN02951",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
            },
            {
              "name": "1029496",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1029496"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2013-6192",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SSRT101342",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "HPSBGN02951",
                  "refsource": "HP",
                  "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093"
                },
                {
                  "name": "1029496",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1029496"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2013-6192",
        "datePublished": "2013-12-17T02:00:00.000Z",
        "dateReserved": "2013-10-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:29:42.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3258 (GCVE-0-2012-3258)

    Vulnerability from cvelistv5 – Published: 2012-09-19 01:00 – Updated: 2024-08-06 19:57
    VLAI
    Summary
    Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    Date Public
    2012-09-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:57:50.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBMU02813",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
              },
              {
                "name": "hp-oo-code-execution(78621)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
              },
              {
                "name": "55594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55594"
              },
              {
                "name": "SSRT100712",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBMU02813",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
            },
            {
              "name": "hp-oo-code-execution(78621)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
            },
            {
              "name": "55594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55594"
            },
            {
              "name": "SSRT100712",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2012-3258",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBMU02813",
                  "refsource": "HP",
                  "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
                },
                {
                  "name": "hp-oo-code-execution(78621)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78621"
                },
                {
                  "name": "55594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55594"
                },
                {
                  "name": "SSRT100712",
                  "refsource": "HP",
                  "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2012-3258",
        "datePublished": "2012-09-19T01:00:00.000Z",
        "dateReserved": "2012-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:57:50.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3985 (GCVE-0-2010-3985)

    Vulnerability from cvelistv5 – Published: 2010-10-26 18:00 – Updated: 2024-08-07 03:26
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    hp
    References
    URL Tags
    http://www.securityfocus.com/bid/44331 vdb-entryx_refsource_BID
    http://secunia.com/advisories/41983 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2010/2760 vdb-entryx_refsource_VUPEN
    http://h20000.www2.hp.com/bizsupport/TechSupport/… vendor-advisoryx_refsource_HP
    http://osvdb.org/68906 vdb-entryx_refsource_OSVDB
    Date Public
    2010-10-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:26:12.471Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "44331",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44331"
              },
              {
                "name": "41983",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41983"
              },
              {
                "name": "hp-orchestration-unspec-xss(62727)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
              },
              {
                "name": "ADV-2010-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2760"
              },
              {
                "name": "HPSBMA02588",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
              },
              {
                "name": "SSRT100001",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
              },
              {
                "name": "68906",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68906"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "44331",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44331"
            },
            {
              "name": "41983",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41983"
            },
            {
              "name": "hp-orchestration-unspec-xss(62727)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
            },
            {
              "name": "ADV-2010-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2760"
            },
            {
              "name": "HPSBMA02588",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
            },
            {
              "name": "SSRT100001",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
            },
            {
              "name": "68906",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68906"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2010-3985",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "44331",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44331"
                },
                {
                  "name": "41983",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41983"
                },
                {
                  "name": "hp-orchestration-unspec-xss(62727)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62727"
                },
                {
                  "name": "ADV-2010-2760",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2760"
                },
                {
                  "name": "HPSBMA02588",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
                },
                {
                  "name": "SSRT100001",
                  "refsource": "HP",
                  "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822"
                },
                {
                  "name": "68906",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68906"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2010-3985",
        "datePublished": "2010-10-26T18:00:00.000Z",
        "dateReserved": "2010-10-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:26:12.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }