Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> Data Protector  >> 6.11  Security Vulnerabilities
CVE-2017-5807
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
9.8
EPSS Score
0.47
Published
2018-02-15
CVE-2017-5808
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
7.5
EPSS Score
0.195
Published
2018-02-15
CVE-2017-5809
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
5.5
EPSS Score
0.007
Published
2018-02-15
CVE-2014-5160
Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
CVSS Score
6.4
EPSS Score
0.218
Published
2014-08-01
CVE-2011-2399
Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors.
CVSS Score
7.8
EPSS Score
0.027
Published
2011-08-01
CVE-2011-0921
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.
CVSS Score
10.0
EPSS Score
0.047
Published
2011-02-09
CVE-2011-0922
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
CVSS Score
10.0
EPSS Score
0.82
Published
2011-02-09
CVE-2011-0923
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
CVSS Score
10.0
EPSS Score
0.899
Published
2011-02-09
CVE-2011-0924
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.
CVSS Score
10.0
EPSS Score
0.134
Published
2011-02-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved