Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7078 | 1 Hp | 3 Integrated Lights-out, Integrated Lights-out 4 Firmware, Integrated Lights-out 5 Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. | |||||
| CVE-2018-7077 | 1 Hp | 2 Xp P9000 Configuration Manager, Xp P9000 Device Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information. | |||||
| CVE-2018-7076 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04. | |||||
| CVE-2018-7075 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version. | |||||
| CVE-2018-7074 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version. | |||||
| CVE-2018-7073 | 2 Canonical, Hp | 2 Ubuntu Linux, Moonshot Provisioning Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | |||||
| CVE-2018-7072 | 1 Hp | 1 Moonshot Provisioning Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | |||||
| CVE-2018-7071 | 1 Hp | 1 Network Function Virtualization Director | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3. | |||||
| CVE-2018-7070 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7069 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7068 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7059 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission. | |||||
| CVE-2018-7058 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent. | |||||
| CVE-2018-6653 | 2 Comforte, Hp | 2 Swap, Nonstop Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. | |||||
| CVE-2018-6505 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. | |||||
| CVE-2018-6503 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls. | |||||
| CVE-2018-6502 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS). | |||||
| CVE-2018-6501 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. | |||||
| CVE-2018-6500 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. | |||||
| CVE-2018-6493 | 1 Hp | 2 Network Automation, Network Operations Management Ultimate | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection. | |||||