Hp: >> Vertica Security Vulnerabilities
A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.
CVSS Score
9.8
EPSS Score
0.023
Published
2018-02-15
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.
CVSS Score
9.8
EPSS Score
0.094
Published
2016-04-20
The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows remote attackers to execute arbitrary commands via a crafted packet, aka ZDI-CAN-2914.
CVSS Score
7.5
EPSS Score
0.057
Published
2015-11-04