RSS   Vulnerabilities for 'Procurve manager'   RSS

2013-09-16
 
CVE-2013-4813

CWE-94
 

 
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

 
 
CVE-2013-4812

CWE-20
 

 
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

 
 
CVE-2013-4811

CWE-20
 

 
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

 
 
CVE-2013-4810

 

 
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874.

 
 
CVE-2013-4809

CWE-89
 

 
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.

 
2009-04-15
 
CVE-2007-4514

CWE-200
 

 
Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.

 

 >>> Vendor: HP 2379 Products
Hp-ux
Dtmail
VVOS
Http server
Sendmail
Desms
Mpe ix
Tru64
Openmail
Visualize conference ftp
Secure web console
Jetdirect
Apollo domain os
9000
Jetadmin
Aserver
Application server
Openview omniback ii
Openview network node manager
JDK
Insight manager
Support tools manager
Omniback ii
Virtualvault
MPE
Process resource manager
Cifs-9000 server
JRE
Secure os
Java jre-jdk
Advancestack 10base-t switching hub j3200a
Advancestack 10base-t switching hub j3201a
Advancestack 10base-t switching hub j3202a
Advancestack 10base-t switching hub j3203a
Advancestack 10base-t switching hub j3204a
Advancestack 10base-t switching hub j3205a
Advancestack 10base-t switching hub j3210a
Procurve switch 4000m
Photosmart print driver
Trucluster server
Instant support
Webes service tools
Alphaserver sc
Openview emanate snmp agent
JFS
Hp-ux series 700
Hp-ux series 800
Ldap-ux integration
Chaivm
Praesidium webproxy
Advanced server 9000
Secure web server for tru64
SIS
Instant toptools
Nonstop seeview server gateway
Openview
Bastille
Insight management suite
Remote diagnostics enabling agent
WBEM
Aaa server
Apache-based web server
Integrity
Webproxy
Integrated lights out
Openview select access
Ignite-ux
Sockd
Java sdk-rte
Storageworks command view
Workload manager
Ssl http server
Web jetadmin
Color laserjet
Color laserjet 4600
Laserjet 2500
Laserjet 3000
Laserjet 3700
Laserjet 4100 mfp
Laserjet 4200
Laserjet 4300
Laserjet 9000
Laserjet 9000 mfp
Laserjet 9040 mpf
Laserjet 9050
Laserjet 9050 mpf
Laserjet 9055
Laserjet 9065
Laserjet 9500
Laserjet 9500 mpf
Carrier grade server cc2300
Carrier grade server cc3300
Carrier grade server cc3310
Openvms
Openview radia management portal
Openview event correlation services
Reporter
Radia client
Version control repository manager
Webinspect
See all Products for Vendor HP


Copyright 2024, cxsecurity.com

 

Back to Top