An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.
Max CVSS
9.8
EPSS Score
0.28%
Published
2017-09-30
Updated
2019-10-03
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Max CVSS
7.5
EPSS Score
0.12%
Published
2018-02-15
Updated
2018-03-06
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Max CVSS
7.8
EPSS Score
0.05%
Published
2018-02-15
Updated
2018-03-06
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-02-15
Updated
2018-03-06
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-02-15
Updated
2019-10-03
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.
Max CVSS
7.5
EPSS Score
0.66%
Published
2020-02-04
Updated
2021-09-09
Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.
Max CVSS
8.7
EPSS Score
90.20%
Published
2015-05-25
Updated
2016-12-31
Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors.
Max CVSS
5.5
EPSS Score
0.17%
Published
2015-02-02
Updated
2017-09-08
Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.
Max CVSS
7.5
EPSS Score
93.63%
Published
2014-07-07
Updated
2017-01-07
Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.
Max CVSS
9.4
EPSS Score
21.58%
Published
2014-03-11
Updated
2017-07-01

CVE-2013-4835

Public exploit
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
Max CVSS
7.5
EPSS Score
97.14%
Published
2013-11-04
Updated
2017-07-01

CVE-2013-2367

Public exploit
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.
Max CVSS
10.0
EPSS Score
94.56%
Published
2013-07-31
Updated
2019-10-09
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472.
Max CVSS
7.5
EPSS Score
10.72%
Published
2012-09-25
Updated
2019-10-09
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-09-25
Updated
2019-10-09
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-09-25
Updated
2019-10-09

CVE-2012-3261

Public exploit
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-09-25
Updated
2019-10-09

CVE-2012-3260

Public exploit
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-09-25
Updated
2019-10-09
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-09-25
Updated
2017-08-29
Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors.
Max CVSS
8.3
EPSS Score
1.63%
Published
2011-07-29
Updated
2017-08-29
19 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!