Vulnerability Details CVE-2018-6493
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.1%
CVSS Severity
CVSS v3 Score 8.7
CVSS v2 Score 6.5
References
- http://www.securityfocus.com/bid/104131
- http://www.securitytracker.com/id/1040900
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014
- http://www.securityfocus.com/bid/104131
- http://www.securitytracker.com/id/1040900
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014
Products affected by CVE-2018-6493
-
cpe:2.3:a:hp:network_automation:10.00
-
cpe:2.3:a:hp:network_automation:10.10
-
cpe:2.3:a:hp:network_automation:10.11
-
cpe:2.3:a:hp:network_automation:10.20
-
cpe:2.3:a:hp:network_automation:10.30
-
cpe:2.3:a:hp:network_automation:10.40
-
cpe:2.3:a:hp:network_automation:10.50
-
cpe:2.3:a:hp:network_operations_management_ultimate:2017.07
-
cpe:2.3:a:hp:network_operations_management_ultimate:2017.11
-
cpe:2.3:a:hp:network_operations_management_ultimate:2018.02