Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-6318

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-11 Apr, 2019 | 14:45
Updated At-04 Aug, 2024 | 20:16
Rejected At-
Credits

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:11 Apr, 2019 | 14:45
Updated At:04 Aug, 2024 | 20:16
Rejected At:
▼CVE Numbering Authority (CNA)

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

Affected Products
Vendor
HP Inc.HP
Product
HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers
Versions
Affected
  • affecting multiple firmware versions
Problem Types
TypeCWE IDDescription
textN/AExecution of arbitrary code.
Type: text
CWE ID: N/A
Description: Execution of arbitrary code.
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hp.com/us-en/document/c06265454
x_refsource_CONFIRM
Hyperlink: https://support.hp.com/us-en/document/c06265454
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hp.com/us-en/document/c06265454
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.hp.com/us-en/document/c06265454
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:11 Apr, 2019 | 15:29
Updated At:24 Aug, 2020 | 17:37

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
HP Inc.
hp
>>color_laserjet_cm4540_mfp>>-
cpe:2.3:h:hp:color_laserjet_cm4540_mfp:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_cm4540_mfp_firmware>>Versions before 2309010_581401(exclusive)
cpe:2.3:o:hp:color_laserjet_cm4540_mfp_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_cp5525>>-
cpe:2.3:h:hp:color_laserjet_enterprise_cp5525:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_cp5525_firmware>>Versions before 2309010_581402(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_cp5525_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m553_firmware>>Versions before 2309010_581409(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m553_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m553>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m553:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m552_firmware>>Versions before 2309010_581409(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m552_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m552>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m552:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m552_firmware>>Versions before 2407081_00060(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m552_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m552>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m552:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m553_firmware>>Versions before 2309010_581409(exclusive)
cpe:2.3:o:hp:color_laserjet_managed_m553_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m553>>-
cpe:2.3:h:hp:color_laserjet_managed_m553:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m553_firmware>>Versions before 2407081_000601(exclusive)
cpe:2.3:o:hp:color_laserjet_managed_m553_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m553>>-
cpe:2.3:h:hp:color_laserjet_managed_m553:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m651_firmware>>Versions before 2309010_581418(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m651_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m651>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m651:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m651_firmware>>Versions before 2407081_000585(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m651_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m651>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m651:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m651_firmware>>Versions before 2309010_581418(exclusive)
cpe:2.3:o:hp:color_laserjet_managed_m651_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m651>>-
cpe:2.3:h:hp:color_laserjet_managed_m651:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m651_firmware>>Versions before 2407081_000585(exclusive)
cpe:2.3:o:hp:color_laserjet_managed_m651_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_managed_m651>>-
cpe:2.3:h:hp:color_laserjet_managed_m651:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m652_firmware>>Versions before 2407081_000586(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m652_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m652>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m652:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m653_firmware>>Versions before 2407081_000586(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m653_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m653>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m653:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m750_firmware>>Versions before 2309010_581423(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m750_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m750>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m750:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m855_firmware>>Versions before 2309010_581419(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m855_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m855>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m855:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m855_firmware>>Versions before 2407081_000589(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_m855_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_m855>>-
cpe:2.3:h:hp:color_laserjet_enterprise_m855:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m577_firmware>>Versions before 2309010_581408(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_mfp_m577_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m577>>-
cpe:2.3:h:hp:color_laserjet_enterprise_mfp_m577:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m577_firmware>>Versions before 2407081_000571(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_mfp_m577_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m577>>-
cpe:2.3:h:hp:color_laserjet_enterprise_mfp_m577:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m577_firmware>>Versions before 2309010_581408(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_flow_mfp_m577_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m577>>-
cpe:2.3:h:hp:color_laserjet_enterprise_flow_mfp_m577:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m577_firmware>>Versions before 2407081_000571(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_flow_mfp_m577_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m577>>-
cpe:2.3:h:hp:color_laserjet_enterprise_flow_mfp_m577:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m680_firmware>>Versions before 2309010_581416(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_mfp_m680_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m680>>-
cpe:2.3:h:hp:color_laserjet_enterprise_mfp_m680:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m680_firmware>>Versions before 2407081_000591(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_mfp_m680_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m680>>-
cpe:2.3:h:hp:color_laserjet_enterprise_mfp_m680:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m680_firmware>>Versions before 2309010_581416(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_flow_mfp_m680_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m680>>-
cpe:2.3:h:hp:color_laserjet_enterprise_flow_mfp_m680:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m680_firmware>>Versions before 2407081_000591(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_flow_mfp_m680_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_flow_mfp_m680>>-
cpe:2.3:h:hp:color_laserjet_enterprise_flow_mfp_m680:-:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m681_firmware>>Versions before 2407081_000578(exclusive)
cpe:2.3:o:hp:color_laserjet_enterprise_mfp_m681_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>color_laserjet_enterprise_mfp_m681>>-
cpe:2.3:h:hp:color_laserjet_enterprise_mfp_m681:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-347Primarynvd@nist.gov
CWE ID: CWE-347
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.hp.com/us-en/document/c06265454hp-security-alert@hp.com
Vendor Advisory
Hyperlink: https://support.hp.com/us-en/document/c06265454
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

299Records found
CVE-2018-5923
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 80.63%
||
7 Day CHG~0.00%
Published-27 Mar, 2019 | 15:15
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.

Action-Not Available
Vendor-HPHP Inc.
Product-color_laserjet_managed_flow_mfp_e87660zcolor_laserjet_managed_mfp_e87640dn_firmwareofficejet_enterprise_color_x555dnlaserjet_enterprise_mfp_m633fh_firmwarelaserjet_enterprise_mfp_m631dn_firmwarelaserjet_enterprise_color_flow_mfp_m575c_firmwarelaserjet_managed_mfp_e82560dn_firmwarepagewide_enterprise_color_x556dnpagewide_managed_color_e75160dncolor_laserjet_managed_mfp_e77825_firmwarecolor_laserjet_managed_mfp_e67560dhpagewide_managed_color_mfp_e77650dnlaserjet_enterprise_flow_m830z_mfpcolor_laserjet_enterprise_m652n_firmwarecolor_laserjet_enterprise_m552color_laserjet_managed_flow_mfp_e67550flaserjet_enterprise_m4555_mfp_firmwarelaserjet_enterprise_flow_mfp_m632zcolor_laserjet_enterprise_m653dnlaserjet_managed_e60075dnlaserjet_managed_flow_mfp_e62575z_firmwarepagewide_enterprise_color_x556xhcolor_laserjet_m680pagewide_enterprise_color_mfp_586flaserjet_enterprise_flow_mfp_m633z_firmwarelaserjet_managed_mfp_e72525_firmwarecolor_laserjet_enterprise_flow_mfp_m681z_firmwarelaserjet_enterprise_m608dh_firmwarecolor_laserjet_managed_mfp_e67550dh_firmwarelaserjet_managed_e60055dn_firmwarecolor_laserjet_managed_e55040dw_firmwarelaserjet_enterprise_600_m603xhlaserjet_enterprise_700_color_mfp_m775_firmwarelaserjet_enterprise_700_color_mfp_m775laserjet_managed_e60075dn_firmwarecolor_laserjet_managed_mfp_e87650_firmwarecolor_laserjet_managed_mfp_e87660dn_firmwarelaserjet_enterprise_mfp_m630_firmwarelaserjet_enterprise_m609dn_firmwarelaserjet_enterprise_m604color_laserjet_managed_mfp_e57540dn_firmwarelaserjet_enterprise_mfp_m725pagewide_managed_color_flow_mfp_e77660dn_firmwarepagewide_managed_color_flow_mfp_e77660zcolor_laserjet_enterprise_m653xlaserjet_enterprise_m607dnlaserjet_managed_flow_mfp_e52545cpagewide_managed_color_flow_mfp_e77660zspagewide_managed_color_mfp_e58650dn_firmwarelaserjet_enterprise_500_mfp_m525flaserjet_enterprise_600_m603xh_firmwarescanjet_enterprise_8500_document_capture_workstation_firmwarecolor_laserjet_managed_flow_mfp_e87660z_firmwarecolor_laserjet_managed_flow_mfp_e77822laserjet_managed_mfp_e72530color_laserjet_managed_mfp_e77825color_laserjet_enterprise_flow_mfp_m681fpagewide_managed_color_mfp_e58650dncolor_laserjet_managed_flow_mfp_e67560z_firmwarecolor_laserjet_cp5525laserjet_enterprise_m608n_firmwarelaserjet_enterprise_m608dnlaserjet_managed_e60065x_firmwarelaserjet_managed_e60075xcolor_laserjet_managed_e65060x_firmwarelaserjet_enterprise_800_color_m855officejet_enterprise_color_x555xh_firmwarelaserjet_managed_flow_mfp_e72530color_laserjet_managed_e65060xcolor_laserjet_managed_flow_mfp_e87640_firmwarecolor_laserjet_enterprise_m652npagewide_managed_color_flow_mfp_e77660dnofficejet_enterprise_color_mfp_x585_firmwarepagewide_managed_color_flow_mfp_e77650zcolor_laserjet_enterprise_flow_mfp_m681f_firmwarepagewide_enterprise_color_flow_mfp_586z_firmwarelaserjet_enterprise_mfp_m632hlaserjet_managed_mfp_e62555dn_firmwarelaserjet_managed_e50045dw_firmwarecolor_laserjet_enterprise_m553_firmwarecolor_laserjet_enterprise_m651laserjet_enterprise_500_color_mfp_m575dn_firmwarelaserjet_enterprise_m608dn_firmwarecolor_laserjet_managed_flow_mfp_e77825color_laserjet_enterprise_m653x_firmwarecolor_laserjet_enterprise_m750color_laserjet_cm4540_mfppagewide_managed_color_flow_mfp_e77650z_firmwarecolor_laserjet_cp5525_firmwarelaserjet_managed_mfp_e72530_firmwarelaserjet_managed_mfp_e82550_firmwarepagewide_enterprise_color_mpf_785f_firmwarecolor_laserjet_enterprise_mfp_m681fcolor_laserjet_managed_flow_mfp_e87650_firmwarelaserjet_enterprise_m806_firmwarecolor_laserjet_managed_flow_mfp_e77830zcolor_laserjet_enterprise_m750_firmwarecolor_laserjet_m680_firmwarelaserjet_managed_mfp_e72535dnlaserjet_managed_flow_mfp_e82550laserjet_enterprise_color_500_m551_firmwarelaserjet_managed_flow_mfp_e62555dnlaserjet_enterprise_mfp_m725_firmwarelaserjet_enterprise_600_m601_firmwarepagewide_managed_color_e55650dncolor_laserjet_managed_mfp_e67550dhpagewide_enterprise_color_mpf_780dn_firmwarecolor_laserjet_enterprise_m652dn_firmwarelaserjet_enterprise_m609dhlaserjet_enterprise_600_m602pagewide_managed_color_flow_mfp_e77660zts_firmwarelaserjet_enterprise_flow_mfp_m631hpagewide_managed_color_mfp_e77650dn_firmwarelaserjet_enterprise_m605laserjet_enterprise_m606laserjet_managed_e60065dnofficejet_enterprise_color_mfp_x585laserjet_enterprise_m605_firmwarelaserjet_enterprise_800_color_m855_firmwarecolor_laserjet_enterprise_m552_firmwarelaserjet_enterprise_mfp_m633fhcolor_laserjet_managed_e65060dn_firmwarelaserjet_managed_e50045dwpagewide_enterprise_color_mpf_785zspagewide_managed_color_flow_mfp_e77650zs_firmwarelaserjet_enterprise_m608dhdigital_sender_flow_8500_fn2_document_capture_workstation_firmwarecolor_laserjet_managed_flow_mfp_e77825_firmwarecolor_laserjet_enterprise_m653dh_firmwarelaserjet_managed_flow_mfp_e62565hcolor_laserjet_enterprise_m653dhscanjet_enterprise_flow_n9120_document_flatbed_scannercolor_laserjet_managed_flow_mfp_e57540c_firmwarelaserjet_managed_flow_mfp_e72525_firmwareofficejet_enterprise_color_flow_mfp_x585_firmwarecolor_laserjet_managed_flow_mfp_e67550f_firmwarelaserjet_managed_mfp_e62565hscolor_laserjet_managed_mfp_e77830dncolor_laserjet_managed_mfp_e77822laserjet_enterprise_mfp_m527_firmwarepagewide_managed_color_mfp_e77650dnspagewide_managed_color_flow_mfp_e58650zlaserjet_enterprise_700_m712xh_firmwarelaserjet_managed_flow_mfp_e82560z_firmwarelaserjet_enterprise_m607nlaserjet_managed_mfp_e82560dnlaserjet_enterprise_mfp_m527laserjet_enterprise_mfp_m631z_firmwarelaserjet_enterprise_mfp_m632fht_firmwarelaserjet_managed_mfp_e52545dnlaserjet_managed_e60065dn_firmwarecolor_laserjet_enterprise_mfp_m681dh_firmwarelaserjet_enterprise_flow_mfp_m632z_firmwarepagewide_managed_color_mfp_e77650dns_firmwarepagewide_managed_color_e55650dn_firmwarecolor_laserjet_cm4540_mfp_firmwarepagewide_enterprise_color_mfp_586dn_firmwarelaserjet_enterprise_flow_mfp_m633zlaserjet_enterprise_m607n_firmwarepagewide_enterprise_color_mfp_586f_firmwarelaserjet_enterprise_m609x_firmwarescanjet_enterprise_flow_n9120_document_flatbed_scanner_firmwarelaserjet_enterprise_800_color_mfp_m880_firmwarelaserjet_enterprise_m608xlaserjet_managed_flow_mfp_e72530_firmwarecolor_laserjet_managed_flow_mfp_e67560zcolor_laserjet_managed_e55040dwcolor_laserjet_managed_mfp_e87640laserjet_managed_flow_mfp_e82540color_laserjet_managed_flow_mfp_e87640laserjet_managed_flow_mfp_e62565h_firmwarecolor_laserjet_enterprise_m652dnlaserjet_managed_mfp_e82540_firmwarelaserjet_enterprise_800_color_mfp_m880pagewide_enterprise_color_x556xh_firmwarepagewide_enterprise_color_flow_mfp_586zcolor_laserjet_managed_flow_mfp_e87640zlaserjet_enterprise_500_color_mfp_m575dnpagewide_enterprise_color_mfp_586dnlaserjet_managed_e60075x_firmwareofficejet_enterprise_color_flow_mfp_x585laserjet_managed_flow_mfp_e72535zlaserjet_managed_flow_mfp_e82540_firmwarelaserjet_enterprise_m609dh_firmwarelaserjet_managed_flow_mfp_e62565zcolor_laserjet_managed_flow_mfp_e77830z_firmwarecolor_laserjet_enterprise_mfp_m577laserjet_managed_flow_mfp_e62555dn_firmwarelaserjet_enterprise_m607dn_firmwarelaserjet_managed_mfp_e72525laserjet_managed_flow_mfp_e72525pagewide_enterprise_color_mpf_785flaserjet_enterprise_m608x_firmwarelaserjet_enterprise_m604_firmwarepagewide_enterprise_color_765dncolor_laserjet_managed_mfp_e77830dn_firmwarelaserjet_managed_e60065xcolor_laserjet_managed_flow_mfp_e87640z_firmwarelaserjet_enterprise_m609dnlaserjet_enterprise_700_m712xhcolor_laserjet_managed_mfp_e67560dh_firmwarelaserjet_managed_flow_mfp_e52545c_firmwarelaserjet_managed_mfp_e62565hs_firmwarelaserjet_managed_flow_mfp_e72535z_firmwarelaserjet_enterprise_mfp_m630laserjet_enterprise_600_m602_firmwarelaserjet_enterprise_mfp_m631dnlaserjet_managed_flow_mfp_e82560zcolor_laserjet_managed_e65050dn_firmwareofficejet_enterprise_color_x555dn_firmwarecolor_laserjet_managed_e65050dnpagewide_managed_color_flow_mfp_e77660zs_firmwarecolor_laserjet_enterprise_mfp_m681dhcolor_laserjet_enterprise_m651_firmwarelaserjet_enterprise_m608ncolor_laserjet_managed_flow_mfp_e87650pagewide_managed_color_e75160dn_firmwarelaserjet_enterprise_color_500_m551laserjet_enterprise_flow_mfp_m631h_firmwarepagewide_managed_color_flow_mfp_e77660ztslaserjet_enterprise_color_flow_mfp_m575cpagewide_enterprise_color_mpf_780fpagewide_enterprise_color_mpf_780f_firmwarepagewide_managed_color_flow_mfp_e58650z_firmwarecolor_laserjet_managed_e65060dncolor_laserjet_enterprise_mfp_m577_firmwarelaserjet_enterprise_m806color_laserjet_enterprise_flow_mfp_m682z_firmwarecolor_laserjet_managed_mfp_e57540dncolor_laserjet_enterprise_mfp_m682dhlaserjet_managed_flow_mfp_e82550_firmwaredigital_sender_flow_8500_fn2_document_capture_workstationcolor_laserjet_managed_mfp_e87640_firmwarelaserjet_enterprise_m4555_mfpcolor_laserjet_managed_flow_mfp_e77822_firmwarelaserjet_enterprise_m506laserjet_enterprise_500_mfp_m525f_firmwarepagewide_managed_color_flow_mfp_e77650zscolor_laserjet_managed_flow_mfp_e57540ccolor_laserjet_managed_mfp_e77822_firmwarepagewide_managed_color_flow_mfp_e77660z_firmwarecolor_laserjet_enterprise_mfp_m682dh_firmwarepagewide_enterprise_color_mpf_785zs_firmwarelaserjet_enterprise_mfp_m632h_firmwarelaserjet_enterprise_m609xcolor_laserjet_enterprise_flow_mfp_m682zlaserjet_managed_mfp_e82550laserjet_enterprise_flow_m830z_mfp_firmwarelaserjet_managed_mfp_e62555dnlaserjet_enterprise_flow_mfp_m525claserjet_enterprise_flow_mfp_m630z_firmwarelaserjet_managed_mfp_e72535dn_firmwarelaserjet_enterprise_mfp_m631zscanjet_enterprise_8500_document_capture_workstationpagewide_enterprise_color_mpf_780dncolor_laserjet_enterprise_mfp_m681f_firmwarecolor_laserjet_enterprise_flow_mfp_m681zlaserjet_managed_mfp_e82540pagewide_enterprise_color_765dn_firmwarepagewide_enterprise_color_x556dn_firmwarecolor_laserjet_managed_mfp_e87640dnofficejet_enterprise_color_x555xhcolor_laserjet_enterprise_m553color_laserjet_managed_mfp_e87660dnlaserjet_enterprise_600_m601laserjet_managed_e60055dncolor_laserjet_enterprise_m653dn_firmwarelaserjet_managed_flow_mfp_e62575zlaserjet_enterprise_flow_mfp_m630zlaserjet_managed_mfp_e52545dn_firmwarelaserjet_managed_flow_mfp_e62565z_firmwarelaserjet_enterprise_flow_mfp_m525c_firmwarecolor_laserjet_managed_mfp_e87650laserjet_enterprise_m606_firmwarelaserjet_enterprise_m506_firmwarelaserjet_enterprise_mfp_m632fhtHP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2001-1563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.98% / 89.28%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

Action-Not Available
Vendor-n/aThe Apache Software FoundationHP Inc.
Product-secure_ostomcatn/a
CVE-2002-0250
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.76% / 92.14%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Action-Not Available
Vendor-n/aHP Inc.
Product-advancestack_10base-t_switching_hub_j3201aadvancestack_10base-t_switching_hub_j3202aadvancestack_10base-t_switching_hub_j3205aadvancestack_10base-t_switching_hub_j3203aadvancestack_10base-t_switching_hub_j3210aadvancestack_10base-t_switching_hub_j3200aadvancestack_10base-t_switching_hub_j3204an/a
CVE-2002-0610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.65% / 85.18%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2001-0978
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.29% / 78.82%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-1039
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.49%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetadminn/a
CVE-2001-0608
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.71%
||
7 Day CHG~0.00%
Published-27 Jul, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpen/a
CVE-2001-0668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.76% / 81.84%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2010-1965
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.73% / 81.68%
||
7 Day CHG~0.00%
Published-14 Jul, 2010 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers to read or modify data via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-insight_orchestrationwindowsn/a
CVE-2018-7103
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-21.54% / 95.50%
||
7 Day CHG~0.00%
Published-27 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_center_wireless_services_manager_softwareHPE Intelligent Management Center (iMC) Wireless Services Manager Software
CVE-2000-0443
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.35% / 88.48%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetadminn/a
CVE-1999-1324
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.01% / 76.18%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvms_vaxn/a
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-1999-1062
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.21%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-1999-0517
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-92.33% / 99.72%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SNMP community name is the default (e.g. public), null, or missing.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.
Product-sunoshp-uxn/a
CVE-1999-1163
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.33%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.

Action-Not Available
Vendor-n/aHP Inc.
Product-9000n/a
CVE-1999-0057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.86% / 85.71%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vacation program allows command execution by remote users through a sendmail command.

Action-Not Available
Vendor-eric_allmann/aIBM CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxvacationaixsolarissunosvvosfreebsdn/a
CVE-1999-0333
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.34% / 79.16%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2017-8948
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-10.61% / 92.98%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_node_manager_iNetwork Node Manager i (NNMi) Software
CVE-2017-9000
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.36% / 79.36%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. An unauthenticated user with network access to an Aruba mobility controller on TCP port 8080 or 8081 may be able to access arbitrary files stored on the mobility controller. Ports 8080 and 8081 are used for captive portal functionality and are listening, by default, on all IP interfaces of the mobility controller, including captive portal interfaces. The attacker could access files which could contain passwords, keys, and other sensitive information that could lead to full system compromise.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosArubaOS
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8957
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8975
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8992
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-2.89% / 85.80%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-centralview_fraud_risk_managementHPE CentralView Fraud Risk Management
CVE-2017-8990
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-35.78% / 96.95%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-imc_wireless_service_managerHPE Intelligent Management Center (IMC) Wirelss Service Manager
CVE-2017-8979
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-3.08% / 86.24%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-integrated_lights-out_2_firmwareintegrated_lights-outIntegrated Lights-Out 2 (iLO 2)
CVE-2017-8947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-66.25% / 98.46%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-ucmdb_configuration_managerUCMDB
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2017-8976
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8981
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-17.05% / 94.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8960
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.16% / 77.72%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-msa_2040_san_storagemsa_1040_san_storage_firmwaremsa_2040_san_storage_firmwaremsa_1040_san_storageMSA 1040 and 2040 SAN Storage
CVE-2017-8954
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8994
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 79.43%
||
7 Day CHG~0.00%
Published-10 Oct, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.

Action-Not Available
Vendor-Micro Focus International LimitedHP Inc.
Product-operations_orchestrationHPE Operations Orchestration
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8988
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 72.52%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Bypass of Security Restrictions vulnerability was identified in HPE XP Command View Advanced Edition Software Earlier than 8.5.3-00. The vulnerability impacts DevMgr Earlier than 8.5.3-00 (for Windows, Linux), RepMgr earlier than 8.5.3-00 (for Windows, Linux) and HDLM earlier than 8.5.3-00 (for Windows, Linux, Solaris, AIX).

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-xp_command_viewHPE Command View Advanced Edition
CVE-2017-8956
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-13.73% / 94.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7658
Matching Score-8
Assigner-Eclipse Foundation
ShareView Details
Matching Score-8
Assigner-Eclipse Foundation
CVSS Score-9.8||CRITICAL
EPSS-9.39% / 92.46%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 17:00
Updated-05 Aug, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Action-Not Available
Vendor-NetApp, Inc.Eclipse Foundation AISBLOracle CorporationDebian GNU/LinuxHP Inc.
Product-rest_data_serviceshci_storage_nodexp_p9000storage_services_connectorsolidfiresnapcenterretail_xstore_paymentdebian_linuxxp_p9000_command_viewsnapmanagerhci_management_nodee-series_santricity_os_controlleroncommand_system_managerretail_xstore_point_of_servicee-series_santricity_managementsnap_creator_frameworkoncommand_unified_manager_for_7-modesantricity_cloud_connectore-series_santricity_web_servicesjettyEclipse Jetty
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2010-4494
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.97% / 82.77%
||
7 Day CHG~0.00%
Published-07 Dec, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Action-Not Available
Vendor-n/aGoogle LLCFedora Projectlibxml2 (XMLSoft)Debian GNU/LinuxSUSEThe Apache Software FoundationRed Hat, Inc.openSUSEApple Inc.HP Inc.
Product-fedorainsight_control_server_deploymentsuse_linux_enterprise_serverenterprise_linux_workstationrapid_deployment_packiphone_ositunessafarichromeopensusedebian_linuxlibxml2enterprise_linux_serveropenofficeenterprise_linux_desktopenterprise_linux_eusmac_os_xn/a
CWE ID-CWE-415
Double Free
CVE-2010-4267
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-10.22% / 92.84%
||
7 Day CHG~0.00%
Published-20 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

Action-Not Available
Vendor-n/aHP Inc.
Product-linux_imaging_and_printing_projectn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5824
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-26.55% / 96.14%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-aruba_clearpass_policy_managerAruba ClearPass Policy Manager
CVE-2017-5641
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-37.36% / 97.06%
||
7 Day CHG~0.00%
Published-28 Dec, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.

Action-Not Available
Vendor-The Apache Software FoundationHP Inc.
Product-flex_blazedsxp_command_view_advanced_editionApache Flex Blaze DS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2017-5817
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-83.65% / 99.24%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5791
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-64.34% / 98.37%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_center_platHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-287
Improper Authentication
CVE-2017-5810
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-13.40% / 93.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_automationNetwork Automation
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2017-5789
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-33.85% / 96.81%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-performance_centerloadrunnerHPE LoadRunner and Performance Center
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5819
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5805
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-58.23% / 98.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5814
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-37.13% / 97.04%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_automationNetwork Automation
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2017-5816
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-90.38% / 99.58%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3004
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-6.21% / 90.49%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-operations_agentwindowsn/a
CVE-2017-5820
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CVE-2017-5806
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-58.23% / 98.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5807
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-46.96% / 97.59%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-data_protectorData Protector
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5792
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-82.05% / 99.16%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found