Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-3163

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-23 Oct, 2011 | 10:00
Updated At-06 Aug, 2024 | 23:22
Rejected At-
Credits

HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:23 Oct, 2011 | 10:00
Updated At:06 Aug, 2024 | 23:22
Rejected At:
▼CVE Numbering Authority (CNA)

HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://marc.info/?l=bugtraq&m=131914362310845&w=2
vendor-advisory
x_refsource_HP
http://securityreason.com/securityalert/8479
third-party-advisory
x_refsource_SREASON
http://www.securityfocus.com/bid/50297
vdb-entry
x_refsource_BID
http://marc.info/?l=bugtraq&m=131914362310845&w=2
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/46532
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://securityreason.com/securityalert/8479
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.securityfocus.com/bid/50297
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/46532
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://marc.info/?l=bugtraq&m=131914362310845&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://securityreason.com/securityalert/8479
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.securityfocus.com/bid/50297
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=bugtraq&m=131914362310845&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/46532
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://securityreason.com/securityalert/8479
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.securityfocus.com/bid/50297
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/46532
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:23 Oct, 2011 | 10:55
Updated At:29 Apr, 2026 | 01:13

HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.01.2LOW
AV:L/AC:H/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 1.2
Base severity: LOW
Vector:
AV:L/AC:H/Au:N/C:P/I:N/A:N
CPE Matches

HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.91.20
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.91.20:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.91.21
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.91.21:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Primarynvd@nist.gov
CWE ID: CWE-200
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://marc.info/?l=bugtraq&m=131914362310845&w=2hp-security-alert@hp.com
Vendor Advisory
http://secunia.com/advisories/46532hp-security-alert@hp.com
N/A
http://securityreason.com/securityalert/8479hp-security-alert@hp.com
N/A
http://www.securityfocus.com/bid/50297hp-security-alert@hp.com
N/A
http://marc.info/?l=bugtraq&m=131914362310845&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/46532af854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/8479af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/50297af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/46532
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8479
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/50297
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=131914362310845&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/46532
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/50297
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

114Records found

CVE-2022-43927
Matching Score-6
Assigner-IBM Corporation
ShareView Details
Matching Score-6
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.64% / 46.28%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 16:51
Updated-18 Mar, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 for Linux, UNIX and Windows information disclosure

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.

Action-Not Available
Vendor-IBM CorporationHP Inc.Microsoft CorporationOracle CorporationLinux Kernel Organization, Inc
Product-solarislinux_kerneldb2hp-uxwindowsaixDb2 for Linux, UNIX and Windows
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-4832
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-4||MEDIUM
EPSS-1.15% / 62.86%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-4829
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-1.5||LOW
EPSS-0.32% / 24.29%
||
7 Day CHG~0.00%
Published-04 Oct, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-color_laserjet_cm4540flaserjet_enterprise_color_flow_m575ccolor_laserjet_m775zlaserjet_m4555laserjet_m725zlaserjet_m725dnlaserjet_m725z\+color_laserjet_m775z\+laserjet_m4555fcolor_laserjet_m775dncolor_laserjet_cm4540color_laserjet_m575dnlaserjet_m525flaserjet_m725flaserjet_m525dncolor_laserjet_m775flaserjet_flow_m525claserjet_m4555hscanjet_enterprise_8500fn1laserjet_m4555fskmcolor_laserjet_m575fcolor_laserjet_cm4540fskmn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-4826
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-31.56% / 98.07%
||
7 Day CHG~0.00%
Published-13 Oct, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.

Action-Not Available
Vendor-n/aHP Inc.
Product-imc_service_operation_management_software_moduleintelligent_management_centern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-16285
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-1.00% / 58.41%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:44
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.

Action-Not Available
Vendor-HPHP Inc.
Product-thinpro_linuxThinPro Linux
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-2322
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-3.5||LOW
EPSS-1.01% / 58.79%
||
7 Day CHG~0.00%
Published-28 Jun, 2013 | 14:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.

Action-Not Available
Vendor-n/aHP Inc.
Product-nonstop_sql\/mxn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-5443
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-4||MEDIUM
EPSS-1.17% / 63.53%
||
7 Day CHG~0.00%
Published-12 Oct, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-3par_service_processor_spn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-12784
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.27% / 18.64%
||
7 Day CHG+0.01%
Published-13 Nov, 2025 | 17:35
Updated-13 Feb, 2026 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro Printers – Potential Information Disclosure

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

Action-Not Available
Vendor-HP IncHP Inc.
Product-7kw59a7kw64a_firmwarew1a63a7kw68a7kw75a_firmware7kw57a_firmwarew1a82aw1a77a7kw66aw1a30a_firmwarew1a35a_firmware7kw55a7kw66a_firmwarew1y47a_firmwarew1a76aw1a33a7kw67aw1a28a_firmware7kw49a_firmwarew1a32a_firmware7kw59a_firmwarew1a60a_firmwarew1a34aw1y47aw1a63a_firmwarew1y45a_firmwarew1a35aw1y40aw1y40a_firmwarew1a52aw1a38a7kw74aw1a80aw1y43aw1a31a7kw56a7kw57aw1a48a_firmware7kw73a_firmwarew1a57a_firmwarew1a81a_firmwarew1a79aw1a56aw1a38a_firmware7kw76a7kw58a_firmware7kw48a7kw72a_firmwarew1a58a_firmwarew1a47a7kw77a_firmware7kw72aw1a56a_firmware7kw48a_firmwarew1a66aw1a58aw1a79a_firmwarew1a51a_firmwarew1y43a_firmwarew1y44a7kw79aw1y41a_firmware7kw58aw1a77a_firmware7kw77a7kw63a_firmware7kw78a7kw65a7kw64a7kw54a_firmwarew1a53aw1y44a_firmwarew1y46a_firmwarew1a59aw1a75aw1a53a_firmwarew1a78aw1a30a7kw68a_firmware7kw51a_firmwarew1y46aw1a57a7kw65a_firmwarew1a51aw1a29aw1a47a_firmware7kw63a7kw79a_firmwarew1a48a7kw74a_firmware93m22a_firmwarew1a60aw1a46a_firmwarew1a31a_firmwarew1a46aw1a75a_firmwarew1a34a_firmwarew1y45a7kw51aw1a76a_firmware7kw76a_firmwarew1a32aw1y41aw1a82a_firmwarew1a52a_firmware93m22aw1a81aw1a33a_firmware7kw50aw1a59a_firmware7kw75a7kw56a_firmware7kw55a_firmwarew1a28aw1a80a_firmware7kw50a_firmwarew1a66a_firmwarew1a78a_firmware7kw54aw1a29a_firmware7kw49a7kw73a7kw78a_firmware7kw67a_firmwareHP LaserJet Pro MFP M428-M429 f seriesHP LaserJet Pro M304-M305 Printer seriesHP Color LaserJet Pro M453-M454 seriesHP Color LaserJet MFP M478-M479 seriesHP LaserJet Pro M404-M405 Printer seriesHP LaserJet Pro MFP M428-M429 series
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-1999-0517
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-27.17% / 97.81%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-28 May, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SNMP community name is the default (e.g. public), null, or missing.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)
Product-hp-uxsunosn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-1994
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.79% / 51.86%
||
7 Day CHG~0.00%
Published-10 Feb, 2020 | 15:31
Updated-06 Aug, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information

Action-Not Available
Vendor-HPHP Inc.
Product-systems_insight_managerHP Systems Insight Manager
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-0130
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-3.88% / 88.95%
||
7 Day CHG~0.00%
Published-04 Apr, 2012 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-onboard_administratorn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-1725
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-2.44% / 82.29%
||
7 Day CHG~0.00%
Published-27 Apr, 2011 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_automationn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-0890
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-2.54% / 83.04%
||
7 Day CHG~0.00%
Published-25 Mar, 2011 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsdiscovery\&dependency_mapping_inventoryn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-2744
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.48% / 37.89%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 16:00
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1.

Action-Not Available
Vendor-HP Inc.
Product-support_assistantHP Support Assistant
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-28638
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.25% / 16.71%
||
7 Day CHG+0.01%
Published-20 Sep, 2022 | 20:04
Updated-29 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities.

Action-Not Available
Vendor-n/aHP Inc.Hewlett Packard Enterprise (HPE)
Product-proliant_xl290n_gen10_plus_serverstoreeasy_1860_storageproliant_dx190r_gen10_serverapollo_n2800_gen10_plusproliant_dl345_gen10_plus_serverproliant_dx385_gen10_plus_serverstorage_performance_file_controllerproliant_xl645d_gen10_plus_serveredgeline_e920_server_bladeapollo_n2600_gen10_plusintegrated_lights-out_5_firmwareproliant_dx380_gen10_plus_serverstoreeasy_1460_storageproliant_e910_server_bladeproliant_dx380_gen10_serverproliant_dl360_gen10_serverproliant_dx560_gen10_serverapollo_r2000_chassisapollo_4200_gen10_plus_systemproliant_dl380_gen10_serverapollo_4200_gen10_serverstoreeasy_1660_performance_storagestorage_file_controllerapollo_r2600_gen10proliant_dl365_gen10_plus_serverproliant_dl360_gen10_plus_serveredgeline_e920d_server_bladeproliant_microserver_gen10_plusproliant_xl675d_gen10_plus_serverproliant_dx170r_gen10_serverproliant_dl380_gen10_plus_serverproliant_m750_server_bladeapollo_4510_gen10_systemproliant_xl170r_gen10_serverproliant_dx4200_gen10_serverproliant_xl225n_gen10_plus_1u_nodeproliant_dl580_gen10_serverstoreeasy_1660_expanded_storageproliant_xl220n_gen10_plus_serverproliant_dx385_gen10_plus_v2_serverproliant_ml30_gen10_serverintegrated_lights-out_5proliant_dl110_gen10_plus_telco_serverproliant_ml30_gen10_plus_serverproliant_dl385_gen10_plus_v2_serverproliant_dl325_gen10_serverproliant_xl450_gen10_serverapollo_2000_gen10_plus_systemproliant_dl20_gen10_serverstoreeasy_1560_storageproliant_xl270d_gen10_serverstoreeasy_1660_storageproliant_dl160_gen10_serveredgeline_e920t_server_bladeproliant_xl420_gen10_serverproliant_dx220n_gen10_plus_serverproliant_dx360_gen10_serverapollo_6500_gen10_plusproliant_dx360_gen10_plus_serverproliant_ml350_gen10_serverproliant_dl325_gen10_plus_v2_serverapollo_r2800_gen10proliant_e910t_server_bladeproliant_dl385_gen10_serverproliant_xl190r_gen10_serverproliant_bl460c_gen10_server_bladeproliant_dl325_gen10_plus_serverproliant_xl925g_gen10_plus_1u_4-node_configure-to-order_serverproliant_dl180_gen10_serverstoreeasy_1860_performance_storageproliant_dl385_gen10_plus_serverapollo_4500proliant_dl560_gen10_serverproliant_xl230k_gen10_serverproliant_dl20_gen10_plus_serverproliant_dx325_gen10_plus_v2_serverproliant_ml110_gen10_serverHPE Integrated Lights-Out 5 (iLO 5)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-4112
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-2.25% / 80.81%
||
7 Day CHG~0.00%
Published-22 Dec, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_management_agentsn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-3284
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.61% / 73.00%
||
7 Day CHG~0.00%
Published-24 Sep, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-2612
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.47% / 37.23%
||
7 Day CHG~0.00%
Published-01 Jul, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvms_for_integrity_serversopenvmsn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-4560
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.48% / 87.66%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-3902
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.42% / 33.71%
||
7 Day CHG~0.00%
Published-03 Sep, 2008 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer, aka SSRT080104.

Action-Not Available
Vendor-n/aHP Inc.
Product-68dttn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-3539
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.44% / 35.24%
||
7 Day CHG~0.00%
Published-10 Sep, 2008 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-hpsi_racf_connectorhpsi_acf2_connectoribm_tivoli_dir_connectorhpsi_sunone_connectorhpsi_bidir_dirx_connectorhpsi_topsecret_connectorhpsi_edirectory_connectorwindowshpsi_openldap_connectorhpsi_active_directory_connectorhpsi_oid_connectorhpsi_etrust_connectorn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-11991
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-4.70% / 90.69%
||
7 Day CHG~0.00%
Published-09 Jul, 2019 | 18:32
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-3par_service_processor_firmware3par_service_processorHPE 3PAR Service Processors
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-5411
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.11% / 79.50%
||
7 Day CHG~0.00%
Published-26 Aug, 2015 | 18:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-version_control_repository_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-5413
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.77% / 84.55%
||
7 Day CHG~0.00%
Published-29 Oct, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_client_configuraton_manageropenview_configuration_managementn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-4514
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.43% / 82.23%
||
7 Day CHG~0.00%
Published-15 Apr, 2009 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-43018
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.27% / 19.20%
||
7 Day CHG+0.02%
Published-30 Jul, 2025 | 14:31
Updated-24 Feb, 2026 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro Printers – Potential Information Disclosure

Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book.

Action-Not Available
Vendor-HP Inc.
Product-w1a82aw1a75aw1a78aw1a30aw1a77aw1a30a_firmwarew1a76aw1a35a_firmwarew1a33aw1a29aw1a28a_firmwarew1a32a_firmwarew1a34aw1a35aw1a75a_firmwarew1a31a_firmwarew1a34a_firmwarew1a38aw1a76a_firmwarew1a80aw1a31aw1a32aw1a81a_firmwarew1a82a_firmwarew1a79aw1a81aw1a38a_firmwarew1a33a_firmwarew1a28aw1a80a_firmwarew1a78a_firmwarew1a79a_firmwarew1a29a_firmwarew1a77a_firmwareCertain HP LaserJet Pro Printers
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-22435
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.3||HIGH
EPSS-0.44% / 35.12%
||
7 Day CHG~0.00%
Published-15 Apr, 2024 | 09:06
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HPE NonStop Web ViewPoint Enterprise software, Unauthorized access

A potential security vulnerability has been identified in Web ViewPoint Enterprise software. This vulnerability could be exploited to allow unauthorized users to access some resources on a NonStop system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)HP Inc.
Product-HPE NonStop Web ViewPoint Enterprise softwareweb_viewpoint_t0986
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-7071
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.3||MEDIUM
EPSS-0.81% / 52.43%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_function_virtualization_directorHPE Network Function Virtualization Director (NFVD)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-7122
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-1.74% / 74.95%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:09
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-7070
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-1.89% / 77.08%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-centralview_fraud_risk_managementHPE CentralView Fraud Risk Management
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-4367
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.54% / 93.77%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-universal_cmbd_foundationn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-50271
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-0.50% / 39.10%
||
7 Day CHG~0.00%
Published-17 Dec, 2023 | 14:49
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HP-UX System Management Homepage, Disclosure of Information

A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-system_management_homepagehp-uxHPE System Management Homepage (SMH)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-2026
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.65% / 88.24%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managermatrix_operating_environmentn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-38729
Matching Score-6
Assigner-IBM Corporation
ShareView Details
Matching Score-6
Assigner-IBM Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.57% / 42.88%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 12:27
Updated-31 Jan, 2025 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 information disclosure

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-hp-uxwindowssolarisaixlinux_on_ibm_zlinux_kerneldb2Db2 for Linux, UNIX and Windowsdb2_connect_serverdb2
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-12785
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.27% / 19.07%
||
7 Day CHG+0.01%
Published-13 Nov, 2025 | 17:38
Updated-13 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro Printers – Potential Information Disclosure

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

Action-Not Available
Vendor-HP IncHP Inc.
Product-7kw59a7kw64a_firmwarew1a63a7kw68a7kw75a_firmware7kw57a_firmwarew1a82aw1a77a7kw66aw1a30a_firmwarew1a35a_firmware7kw55a7kw66a_firmwarew1y47a_firmwarew1a76aw1a33a7kw67aw1a28a_firmware7kw49a_firmwarew1a32a_firmware7kw59a_firmwarew1a60a_firmwarew1a34aw1y47aw1a63a_firmwarew1y45a_firmwarew1a35aw1y40aw1y40a_firmwarew1a52aw1a38a7kw74aw1a80aw1y43aw1a31a7kw56a7kw57aw1a48a_firmware7kw73a_firmwarew1a57a_firmwarew1a81a_firmwarew1a79aw1a56aw1a38a_firmware7kw76a7kw58a_firmware7kw48a7kw72a_firmwarew1a58a_firmwarew1a47a7kw77a_firmware7kw72aw1a56a_firmware7kw48a_firmwarew1a66aw1a58aw1a79a_firmwarew1a51a_firmwarew1y43a_firmwarew1y44a7kw79aw1y41a_firmware7kw58aw1a77a_firmware7kw77a7kw63a_firmware7kw78a7kw65a7kw64a7kw54a_firmwarew1a53aw1y44a_firmwarew1y46a_firmwarew1a59aw1a75aw1a53a_firmwarew1a78aw1a30a7kw68a_firmware7kw51a_firmwarew1y46aw1a57a7kw65a_firmwarew1a51aw1a29aw1a47a_firmware7kw63a7kw79a_firmwarew1a48a7kw74a_firmware93m22a_firmwarew1a60aw1a46a_firmwarew1a31a_firmwarew1a46aw1a75a_firmwarew1a34a_firmwarew1y45a7kw51aw1a76a_firmware7kw76a_firmwarew1a32aw1y41aw1a82a_firmwarew1a52a_firmware93m22aw1a81aw1a33a_firmware7kw50aw1a59a_firmware7kw75a7kw56a_firmware7kw55a_firmwarew1a28aw1a80a_firmware7kw50a_firmwarew1a66a_firmwarew1a78a_firmware7kw54aw1a29a_firmware7kw49a7kw73a7kw78a_firmware7kw67a_firmwareHP LaserJet Pro MFP M428-M429 f seriesHP LaserJet Pro M304-M305 Printer seriesHP Color LaserJet Pro M453-M454 seriesHP Color LaserJet MFP M478-M479 seriesHP LaserJet Pro M404-M405 Printer seriesHP LaserJet Pro MFP M428-M429 series
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-15532
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.8||LOW
EPSS-0.70% / 48.49%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 21:23
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses.

Action-Not Available
Vendor-n/aHP Inc.
Product-synaptics_touchpad_drivern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8978
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.6||MEDIUM
EPSS-0.57% / 42.96%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-icewall_ssoicewall_mfaicewall_mcrpIceWall Products
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8970
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-3.23% / 86.72%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote unauthenticated disclosure of information vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-matrix_operating_environmentMatrix Operating Environment
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8950
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.5||MEDIUM
EPSS-0.66% / 47.17%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-sitescopeSiteScope
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8951
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.68% / 47.81%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-sitescopeSiteScope
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8985
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 34.08%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-xp_storage_hitachi_global_link_managerXP Storage using HGLM
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8980
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-5.36% / 91.65%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5811
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-17.33% / 96.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_automationNetwork Automation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5785
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-1.47% / 70.51%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-matrix_operating_environmentMatrix Operating Environment
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5795
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-3.47% / 87.64%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 22:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (IMC) PLAT
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-17556
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.62% / 45.49%
||
7 Day CHG~0.00%
Published-15 Dec, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys.

Action-Not Available
Vendor-n/aHP Inc.
Product-synaptics_touchpad_drivern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-33848
Matching Score-6
Assigner-IBM Corporation
ShareView Details
Matching Score-6
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.80% / 51.94%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 20:13
Updated-06 Jan, 2025 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM CICS TX information disclosure

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could allow a privileged user to obtain highly sensitive information by enabling debug mode. IBM X-Force ID: 257104.

Action-Not Available
Vendor-HP Inc.IBM CorporationLinux Kernel Organization, Inc
Product-txseries_for_multiplatformslinux_kernelcics_txhp-uxaixCICS TX AdvancedCICS TX StandardTXSeries for Multiplatforms
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-1999-1136
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.51% / 39.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxmpe_ixn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-1999-0524
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-31.59% / 98.07%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-28 May, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

Action-Not Available
Vendor-scowindrivern/aOracle CorporationMicrosoft CorporationHP Inc.Linux Kernel Organization, IncCisco Systems, Inc.Silicon Graphics, Inc.IBM CorporationNovellApple Inc.
Product-mac_os_xos2windowsbsdoslinux_kernelnetwareaixtru64iossolarisirixsco_unixhp-uxmacosn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-13990
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
CVSS Score-5.3||MEDIUM
EPSS-1.48% / 70.83%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.

Action-Not Available
Vendor-n/aHP Inc.
Product-arcsight_enterprise_security_managerarcsight_enterprise_security_manager_expressn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found