Hp: >> Operations Orchestration >> 10.10 Security Vulnerabilities
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-10-10
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS Score
9.8
EPSS Score
0.026
Published
2016-03-22
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2015-11-23