Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
Max CVSS
6.4
EPSS Score
96.04%
Published
2014-08-01
Updated
2024-03-21
Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors.
Max CVSS
9.4
EPSS Score
1.25%
Published
2014-08-23
Updated
2017-08-29
Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.8
EPSS Score
0.28%
Published
2014-08-23
Updated
2017-08-29
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
10.39%
Published
2014-08-23
Updated
2017-08-29
Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.
Max CVSS
4.6
EPSS Score
23.98%
Published
2014-08-12
Updated
2017-01-07

CVE-2014-2630

Public exploit
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
Max CVSS
4.4
EPSS Score
0.08%
Published
2014-08-12
Updated
2017-08-29
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
Max CVSS
4.0
EPSS Score
0.13%
Published
2014-08-12
Updated
2017-01-07
Unspecified vulnerability in HP Enterprise Maps 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
Max CVSS
4.0
EPSS Score
0.10%
Published
2014-08-12
Updated
2019-10-09
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.
Max CVSS
5.2
EPSS Score
0.76%
Published
2014-08-01
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.18%
Published
2014-08-23
Updated
2017-08-29
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!