2016 VULNERABILITY DATABASE

 

 

CVE-2016-4369

Summary: HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Published: 6/8/2016 11:00:01 AM

 

CVE-2016-4368

Summary: HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Published: 6/8/2016 10:59:59 AM

 

CVE-2016-4367

Summary: The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.

Published: 6/8/2016 10:59:57 AM

 

CVE-2016-4366

Summary: HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.

Published: 6/8/2016 10:59:55 AM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-4365

Summary: HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors.

Published: 6/8/2016 10:59:53 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-4364

Summary: HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.

Published: 6/8/2016 10:59:51 AM

 

CVSS Severity: v3 - 8.4 HIGH      v2 - 7.2 HIGH

 

CVE-2016-4363

Summary: HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors.

Published: 6/8/2016 10:59:49 AM

 

CVSS Severity: v3 - 6.1 MEDIUM      v2 - 4.3 MEDIUM

 

CVE-2016-4362

Summary: HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

Published: 6/8/2016 10:59:48 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.5 MEDIUM

 

CVE-2016-4361

Summary: HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.

Published: 6/8/2016 10:59:46 AM

 

CVE-2016-4360

Summary: HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to modify data or cause a denial of service via unspecified vectors, aka ZDI-CAN-3555.

Published: 6/8/2016 10:59:42 AM

 

CVE-2016-4359

Summary: HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors, aka ZDI-CAN-3516.

Published: 6/8/2016 10:59:37 AM

 

CVSS Severity: v3 - 9.8 CRITICAL      v2 - 7.5 HIGH

 

CVE-2016-4358

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029.

Published: 6/8/2016 10:59:36 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 4.8 MEDIUM

 

CVE-2016-4357

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.

Published: 6/8/2016 10:59:34 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 7.5 HIGH

 

CVE-2016-2078

Summary: Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via a Flash parameter.

Published: 6/8/2016 10:59:33 AM

 

CVE-2016-2030

Summary: HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022.

Published: 6/8/2016 10:59:31 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.5 MEDIUM

 

CVE-2016-2029

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358.

Published: 6/8/2016 10:59:30 AM

 

CVSS Severity: v3 - 9.1 CRITICAL      v2 - 6.4 MEDIUM

 

CVE-2016-2028

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357.

Published: 6/8/2016 10:59:29 AM

 

CVSS Severity: v3 - 8.1 HIGH      v2 - 5.5 MEDIUM

 

CVE-2016-2027

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026.

Published: 6/8/2016 10:59:27 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-2026

Summary: HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.

Published: 6/8/2016 10:59:25 AM

 

CVSS Severity: v3 - 7.5 HIGH      v2 - 5.0 MEDIUM

 

CVE-2016-2024

Summary: HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.

Published: 6/8/2016 10:59:24 AM

 

 

<<< New  Older >>>