Shodan
Vulnerabilities
Vulnerable Software
Hp:  Security Vulnerabilities
CVE-2017-13984
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-09-30
CVE-2017-13985
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-09-30
CVE-2017-13986
A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-09-30
CVE-2017-13987
An insufficient access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows an unauthorized user to download log files.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-09-30
CVE-2017-13988
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to alter the maximum size of storage groups and enable/disable the setting for the 'follow schedule' function.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-09-30
CVE-2017-13989
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.
CVSS Score
8.1
EPSS Score
0.003
Published
2017-09-30
CVE-2017-13990
An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.
CVSS Score
5.3
EPSS Score
0.006
Published
2017-09-30
CVE-2017-13991
An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features.
CVSS Score
5.3
EPSS Score
0.006
Published
2017-09-30
CVE-2017-14349
An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-09-30
CVE-2017-14350
A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.
CVSS Score
9.8
EPSS Score
0.011
Published
2017-09-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved