) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:hp:network_automation:9.10
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-5814 |
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2017-5813 |
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 6.3 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2017-5812 |
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2017-5811 |
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2017-5810 |
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. Published: February 15, 2018; 5:29:06 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-8511 |
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found. Published: February 15, 2018; 5:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-4385 |
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries. Published: September 29, 2016; 10:59:00 AM -0400 |
V3.0: 7.3 HIGH V2.0: 7.5 HIGH |
| CVE-2014-2646 |
Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors. Published: October 09, 2014; 9:55:08 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2011-4790 |
Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors. Published: February 01, 2012; 7:55:01 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2011-2403 |
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Published: August 01, 2011; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
| CVE-2011-2402 |
Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: August 01, 2011; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-1725 |
Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors. Published: April 26, 2011; 8:55:05 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |