RSS   Vulnerabilities for 'Network automation'   RSS

2018-05-22
 
CVE-2018-6493

CWE-89
 

 
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.

 
 
CVE-2018-6492

CWE-79
 

 
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.

 
2018-02-15
 
CVE-2017-5814

CWE-89
 

 
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

 
 
CVE-2017-5813

CWE-284
 

 
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

 
 
CVE-2017-5812

CWE-89
 

 
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

 
 
CVE-2017-5811

CWE-200
 

 
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

 
 
CVE-2017-5810

CWE-89
 

 
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

 
 
CVE-2016-8511

CWE-502
 

 
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.

 
2016-09-29
 
CVE-2016-4386

 

 
HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors.

 
 
CVE-2016-4385

CWE-502
 

 
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.

 


Copyright 2019, cxsecurity.com

 

Back to Top