Shodan
Vulnerabilities
Vulnerable Software
Hp:  Security Vulnerabilities
CVE-2013-2323
HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
CVSS Score
6.0
EPSS Score
0.002
Published
2013-06-28
CVE-2013-2322
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-06-28
CVE-2013-2338
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
CVSS Score
10.0
EPSS Score
0.316
Published
2013-06-14
CVE-2013-2336
HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.007
Published
2013-06-14
CVE-2013-2337
Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.006
Published
2013-06-14
CVE-2013-3576
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
CVSS Score
9.0
EPSS Score
0.463
Published
2013-06-14
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
CVSS Score
10.0
EPSS Score
0.011
Published
2013-06-14
CVE-2013-3574
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
CVSS Score
7.8
EPSS Score
0.221
Published
2013-06-14
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
CVSS Score
5.0
EPSS Score
0.24
Published
2013-06-14
CVE-2013-2324
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.
CVSS Score
10.0
EPSS Score
0.647
Published
2013-06-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved