) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:hp:network_automation:10.00
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-6493 |
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection. Published: May 22, 2018; 3:29:00 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2018-6492 |
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection. Published: May 22, 2018; 3:29:00 PM -0400 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-5814 |
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2017-5813 |
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 6.3 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2017-5812 |
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-5811 |
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2017-5810 |
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-8511 |
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found. Published: February 15, 2018; 5:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-4385 |
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries. Published: September 29, 2016; 10:59:00 AM -0400 |
V3.0: 7.3 HIGH V2.0: 7.5 HIGH |
| CVE-2016-1989 |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. Published: March 14, 2016; 8:59:01 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2016-1988 |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. Published: March 14, 2016; 8:59:00 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |