Shodan
Vulnerabilities
Vulnerable Software
Hp:  Security Vulnerabilities
CVE-2016-2003
HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS Score
9.8
EPSS Score
0.011
Published
2016-04-20
CVE-2016-2002
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.
CVSS Score
9.8
EPSS Score
0.094
Published
2016-04-20
CVE-2016-2001
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.
CVSS Score
7.4
EPSS Score
0.005
Published
2016-04-12
CVE-2016-2000
HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS Score
9.8
EPSS Score
0.011
Published
2016-04-05
CVE-2016-1998
HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS Score
9.8
EPSS Score
0.017
Published
2016-03-22
CVE-2016-1997
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS Score
9.8
EPSS Score
0.026
Published
2016-03-22
CVE-2016-2245
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.145
Published
2016-03-19
CVE-2016-1996
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
7.7
EPSS Score
0.001
Published
2016-03-18
CVE-2016-1995
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.164
Published
2016-03-18
CVE-2016-1994
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-03-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved