Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-16284

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-05 Nov, 2019 | 20:16
Updated At-05 Aug, 2024 | 01:10
Rejected At-
Credits

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:05 Nov, 2019 | 20:16
Updated At:05 Aug, 2024 | 01:10
Rejected At:
â–¼CVE Numbering Authority (CNA)

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.

Affected Products
Vendor
HP Inc.HP Inc.
Product
Multiple - See https://support.hp.com/rs-en/document/c06456250
Versions
Affected
  • Multiple - See https://support.hp.com/rs-en/document/c06456250
Problem Types
TypeCWE IDDescription
textN/AElevation of privilege
Type: text
CWE ID: N/A
Description: Elevation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.hp.com/rs-en/document/c06456250
x_refsource_CONFIRM
Hyperlink: https://support.hp.com/rs-en/document/c06456250
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.hp.com/rs-en/document/c06456250
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.hp.com/rs-en/document/c06456250
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:05 Nov, 2019 | 21:15
Updated At:24 Aug, 2020 | 17:37

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

HP Inc.
hp
>>260_g1_dm_firmware>>Versions before 2.27(exclusive)
cpe:2.3:o:hp:260_g1_dm_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>260_g1_dm>>-
cpe:2.3:h:hp:260_g1_dm:-:*:*:*:*:*:*:*
HP Inc.
hp
>>280_pro_g1_firmware>>Versions before 80.3(exclusive)
cpe:2.3:o:hp:280_pro_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>280_pro_g1>>-
cpe:2.3:h:hp:280_pro_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>285_g2_firmware>>Versions before a0.23(exclusive)
cpe:2.3:o:hp:285_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>285_g2>>-
cpe:2.3:h:hp:285_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>340_g3_firmware>>Versions before f.48(exclusive)
cpe:2.3:o:hp:340_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>340_g3>>-
cpe:2.3:h:hp:340_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>340_g4_firmware>>Versions before f.55(exclusive)
cpe:2.3:o:hp:340_g4_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>340_g4>>-
cpe:2.3:h:hp:340_g4:-:*:*:*:*:*:*:*
HP Inc.
hp
>>346_g3_firmware>>Versions before f.48(exclusive)
cpe:2.3:o:hp:346_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>346_g3>>-
cpe:2.3:h:hp:346_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>346_g4_firmware>>Versions before f.46(exclusive)
cpe:2.3:o:hp:346_g4_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>346_g4>>-
cpe:2.3:h:hp:346_g4:-:*:*:*:*:*:*:*
HP Inc.
hp
>>348_g3_firmware>>Versions before f.48(exclusive)
cpe:2.3:o:hp:348_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>348_g3>>-
cpe:2.3:h:hp:348_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>348_g4_firmware>>Versions before f.55(exclusive)
cpe:2.3:o:hp:348_g4_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>348_g4>>-
cpe:2.3:h:hp:348_g4:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_slice_firmware>>Versions before 2.42(exclusive)
cpe:2.3:o:hp:elite_slice_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_slice>>-
cpe:2.3:h:hp:elite_slice:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1011_g1>>-
cpe:2.3:h:hp:elite_x2_1011_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1011_g1_firmware>>Versions before 1.27(exclusive)
cpe:2.3:o:hp:elite_x2_1011_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1012_g1>>-
cpe:2.3:h:hp:elite_x2_1012_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1012_g1_firmware>>Versions before 1.42(exclusive)
cpe:2.3:o:hp:elite_x2_1012_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1030_g1>>-
cpe:2.3:h:hp:elitebook_1030_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1030_g1_firmware>>Versions before 1.42(exclusive)
cpe:2.3:o:hp:elitebook_1030_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1040_g2>>-
cpe:2.3:h:hp:elitebook_1040_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1040_g2_firmware>>Versions before 1.17(exclusive)
cpe:2.3:o:hp:elitebook_1040_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_720_g1_>>-
cpe:2.3:h:hp:elitebook_720_g1_:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_720_g1__firmware>>Versions before 1.48(exclusive)
cpe:2.3:o:hp:elitebook_720_g1__firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_720_g2>>-
cpe:2.3:h:hp:elitebook_720_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_720_g2_firmware>>Versions before 1.29(exclusive)
cpe:2.3:o:hp:elitebook_720_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_740_g1>>-
cpe:2.3:h:hp:elitebook_740_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_740_g1_firmware>>Versions before 1.48(exclusive)
cpe:2.3:o:hp:elitebook_740_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_740_g2>>-
cpe:2.3:h:hp:elitebook_740_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_740_g2_firmware>>Versions before 1.29(exclusive)
cpe:2.3:o:hp:elitebook_740_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_750_g1_firmware>>Versions before 1.48(exclusive)
cpe:2.3:o:hp:elitebook_750_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_750_g1>>-
cpe:2.3:h:hp:elitebook_750_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_750_g2_firmware>>Versions before 1.29(exclusive)
cpe:2.3:o:hp:elitebook_750_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_750_g2>>-
cpe:2.3:h:hp:elitebook_750_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g1_firmware>>Versions before 1.48(exclusive)
cpe:2.3:o:hp:elitebook_820_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g1>>-
cpe:2.3:h:hp:elitebook_820_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g2_firmware>>Versions before 1.29(exclusive)
cpe:2.3:o:hp:elitebook_820_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g2>>-
cpe:2.3:h:hp:elitebook_820_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g3_firmware>>Versions before 1.42(exclusive)
cpe:2.3:o:hp:elitebook_820_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_820_g3>>-
cpe:2.3:h:hp:elitebook_820_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_828_g3_firmware>>Versions before 1.42(exclusive)
cpe:2.3:o:hp:elitebook_828_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_828_g3>>-
cpe:2.3:h:hp:elitebook_828_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_840_g1_firmware>>Versions before 1.48(exclusive)
cpe:2.3:o:hp:elitebook_840_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_840_g1>>-
cpe:2.3:h:hp:elitebook_840_g1:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://support.hp.com/rs-en/document/c06456250hp-security-alert@hp.com
Vendor Advisory
Hyperlink: https://support.hp.com/rs-en/document/c06456250
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

219Records found

CVE-2013-3576
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-9||HIGH
EPSS-66.59% / 99.19%
||
7 Day CHG~0.00%
Published-14 Jun, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-45625
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.81% / 75.97%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:57
Updated-02 Aug, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2012-2009
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-2.29% / 81.14%
||
7 Day CHG~0.00%
Published-09 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-performance_insightn/a
CVE-2012-2014
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-3.05% / 85.94%
||
7 Day CHG~0.00%
Published-29 Jun, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft CorporationLinux Kernel Organization, Inc
Product-windowssystem_management_homepagelinux_kerneln/a
CVE-2012-2015
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-3.05% / 85.94%
||
7 Day CHG~0.00%
Published-29 Jun, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft CorporationLinux Kernel Organization, Inc
Product-windowssystem_management_homepagelinux_kerneln/a
CVE-2011-2411
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-5.99% / 92.43%
||
7 Day CHG~0.00%
Published-02 Oct, 2011 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Samba
Product-sambanonstop_servernonstop_server_softwaren/a
CVE-2011-1540
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-4.74% / 90.78%
||
7 Day CHG~0.00%
Published-29 Apr, 2011 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CVE-2019-5373
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:47
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5359
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:40
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5353
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:37
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2010-3992
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-1.82% / 76.19%
||
7 Day CHG~0.00%
Published-28 Oct, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_control_server_migration6.0.1insight_control_server_migrationn/a
CVE-2019-5363
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:43
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5389
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:55
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5365
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:44
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5345
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:15
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5360
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:41
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-5376
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.61%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:49
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CVE-2009-3841
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9||HIGH
EPSS-3.40% / 87.38%
||
7 Day CHG~0.00%
Published-17 Nov, 2009 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsdiscovery\&dependency_mapping_inventoryn/a
CVE-2019-11976
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:26
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11956
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-5.81% / 92.23%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:08
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2008-4415
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.61% / 88.07%
||
7 Day CHG~0.00%
Published-17 Nov, 2008 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CVE-2008-3538
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9||HIGH
EPSS-3.58% / 87.98%
||
7 Day CHG~0.00%
Published-02 Sep, 2008 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of this CVE was inadvertently associated with libxml2, but it should be for HP Enterprise Discovery.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsenterprise_discoveryn/a
CVE-2019-11953
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:07
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11941
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.60%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:56
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CVE-2019-11973
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:24
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11967
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.61%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:22
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11974
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:25
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-2.88% / 85.15%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:59
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-11986
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:20
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11984
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:28
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11942
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:57
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11977
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:26
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11964
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:19
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11979
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:27
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11972
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:24
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11962
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:14
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11958
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:09
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11963
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:14
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11952
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:07
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11971
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:24
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11970
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.86% / 76.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:23
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-11966
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-2.17% / 80.02%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:20
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2019-11959
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:13
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11954
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:07
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11990
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.57% / 72.31%
||
7 Day CHG~0.00%
Published-19 Jul, 2019 | 21:30
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2, 1.4.1, 1.4.0, and 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: * For customers with release UIoT 1.6, fixes are made available with 1.6 RP603 * For customers with release UIoT 1.5, fixes are made available with 1.5 RP503 HF3 * For customers with release older than 1.5, such as 1.4.0, 1.4.1, 1.4.2 and 1.2.4.2, the resolution will be to upgrade to 1.5 RP503 HF3 or 1.6 RP603 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.

Action-Not Available
Vendor-n/aHP Inc.
Product-universal_internet_of_thingsHPE IOT and GCP
CVE-2019-11968
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.61%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:22
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11960
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.20%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:13
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11980
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.54% / 71.93%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:28
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11951
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 15:06
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2019-11948
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-3.64% / 88.19%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:59
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found