HP » Network Node Manager I : Security Vulnerabilities, CVEs,
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
10.72%
Published
2012-12-06
Updated
2013-03-14
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
3.43%
Published
2014-04-19
Updated
2019-10-09
CVE-2014-2624
Public exploit
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.
Max CVSS
10.0
EPSS Score
97.06%
Published
2014-09-11
Updated
2017-08-29
A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.
Max CVSS
10.0
EPSS Score
0.38%
Published
2018-02-15
Updated
2019-10-03
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Max CVSS
8.8
EPSS Score
0.21%
Published
2016-05-07
Updated
2016-12-01
A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization.
Max CVSS
8.8
EPSS Score
1.01%
Published
2018-08-06
Updated
2018-10-05
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
Max CVSS
8.5
EPSS Score
0.25%
Published
2016-05-07
Updated
2016-12-01
A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-08-06
Updated
2018-10-05
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
Max CVSS
7.5
EPSS Score
0.54%
Published
2013-07-13
Updated
2019-10-09
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.23%
Published
2016-05-07
Updated
2016-12-01
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.
Max CVSS
6.5
EPSS Score
0.56%
Published
2011-04-22
Updated
2016-08-23
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.11%
Published
2016-05-07
Updated
2016-12-01
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011.
Max CVSS
5.4
EPSS Score
0.05%
Published
2016-05-07
Updated
2016-12-01
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010.
Max CVSS
5.4
EPSS Score
0.05%
Published
2016-05-07
Updated
2016-12-01
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).
Max CVSS
5.4
EPSS Score
0.10%
Published
2018-08-06
Updated
2018-10-04
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).
Max CVSS
5.4
EPSS Score
0.10%
Published
2018-08-06
Updated
2018-10-04
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.
Max CVSS
5.0
EPSS Score
1.10%
Published
2013-07-29
Updated
2019-10-09
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors.
Max CVSS
5.0
EPSS Score
0.46%
Published
2012-10-04
Updated
2017-08-29
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitrary files via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2011-04-15
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.14%
Published
2011-04-15
Updated
2017-08-17
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors.
Max CVSS
4.3
EPSS Score
0.04%
Published
2011-05-13
Updated
2011-09-22
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156.
Max CVSS
4.3
EPSS Score
1.21%
Published
2011-11-16
Updated
2012-02-14
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155.
Max CVSS
4.3
EPSS Score
1.21%
Published
2011-11-16
Updated
2012-02-14
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156.
Max CVSS
4.3
EPSS Score
1.00%
Published
2012-09-20
Updated
2018-10-09
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.85%
Published
2012-07-05
Updated
2013-03-22