Hp: >> Network Automation >> 9.20 Security Vulnerabilities
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
9.8
EPSS Score
0.128
Published
2018-02-15
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
7.5
EPSS Score
0.142
Published
2018-02-15
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
7.5
EPSS Score
0.062
Published
2018-02-15
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
6.3
EPSS Score
0.005
Published
2018-02-15
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
9.8
EPSS Score
0.36
Published
2018-02-15
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
CVSS Score
9.8
EPSS Score
0.197
Published
2018-02-15
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
CVSS Score
7.3
EPSS Score
0.049
Published
2016-09-29
Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2014-10-10