CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities Published In 2013 (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-4843 +Info 2013-11-17 2013-11-19
6.8
None Remote Low Single system Complete None None
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
2 CVE-2013-4839 DoS +Info 2013-11-04 2013-11-08
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.
3 CVE-2013-4832 200 +Info 2013-10-16 2013-10-16
4.0
None Remote Low Single system Partial None None
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.
4 CVE-2013-4831 +Info 2013-10-16 2013-10-16
5.5
None Remote Low Single system Partial Partial None
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
5 CVE-2013-4829 200 +Info 2013-10-04 2013-10-08
1.5
None Local Medium Single system Partial None None
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors.
6 CVE-2013-4828 310 +Info 2013-10-04 2013-10-08
4.3
None Remote Medium Not required Partial None None
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors.
7 CVE-2013-4826 +Info 2013-10-13 2013-10-16
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
8 CVE-2013-4823 +Info 2013-10-13 2013-10-15
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
9 CVE-2013-4820 +Info 2013-09-23 2013-09-25
2.1
None Remote High Single system Partial None None
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, IceWall SSO SAML2 Agent Option 8.0, IceWall SSO JAVA Agent Library 8.0 through 10.0, IceWall Federation Agent 3.0, and IceWall File Manager 3.0 through SP4 allows remote authenticated users to obtain sensitive information via unknown vectors.
10 CVE-2013-4819 +Info 2013-09-23 2013-09-25
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors.
11 CVE-2013-4818 +Info 2013-09-23 2013-09-25
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors.
12 CVE-2013-4817 +Info 2013-09-23 2013-09-25
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote attackers to obtain sensitive information via unknown vectors.
13 CVE-2013-4806 DoS +Info 2013-08-12 2014-01-03
7.0
None Remote Medium Single system Partial None Complete
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
14 CVE-2013-2365 +Info 2013-07-22 2013-07-26
7.9
None Local Network Medium Not required Complete Complete Complete
HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors.
15 CVE-2013-2363 +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
16 CVE-2013-2356 +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
17 CVE-2013-2355 264 Bypass +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
18 CVE-2013-2351 DoS +Info 2013-07-13 2013-07-15
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
19 CVE-2013-2341 Exec Code +Info 2013-07-06 2013-07-08
7.1
None Remote High Single system Complete Complete Complete
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors.
20 CVE-2013-2340 Exec Code +Info 2013-07-06 2013-07-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
21 CVE-2013-2339 DoS +Info 2013-06-30 2013-07-01
4.6
None Local Low Not required Partial Partial Partial
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
22 CVE-2013-2336 +Info 2013-06-14 2013-06-17
5.0
None Remote Low Not required Partial None None
HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.
23 CVE-2013-2322 200 +Info 2013-06-28 2013-10-11
3.5
None Remote Medium Single system Partial None None
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
24 CVE-2012-5222 200 +Info 2013-05-01 2013-10-16
5.0
None Remote Low Not required Partial None None
HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors.
25 CVE-2012-5217 264 Bypass +Info 2013-07-22 2013-07-26
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
26 CVE-2012-5214 DoS +Info 2013-03-09 2013-03-17
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
27 CVE-2012-5213 +Info 2013-03-09 2013-03-16
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1662.
28 CVE-2012-5212 DoS +Info 2013-03-09 2013-03-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1663.
29 CVE-2012-5211 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1643.
30 CVE-2012-5210 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1646.
31 CVE-2012-5208 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1615.
32 CVE-2012-5207 DoS +Info 2013-03-09 2013-03-16
9.0
None Remote Low Not required Complete Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1661.
33 CVE-2012-5206 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660.
34 CVE-2012-5205 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1650.
35 CVE-2012-5204 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614.
36 CVE-2012-5203 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1613.
37 CVE-2012-5202 DoS +Info 2013-03-09 2013-03-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1612.
38 CVE-2012-5198 +Info 2013-02-16 2013-02-18
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors.
39 CVE-2012-3286 DoS +Info 2013-02-16 2013-02-18
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
40 CVE-2012-3280 DoS +Info 2013-02-13 2013-04-29
6.3
None Local Network Medium Single system Partial Partial Complete
Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS Remote Operation over an Expand connection.
41 CVE-2012-3268 200 +Info 2013-02-01 2013-04-04
8.5
None Remote Medium Single system Complete Complete Complete
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.
42 CVE-2012-1999 +Info 2013-03-11 2013-03-18
8.5
None Remote Low Single system Complete Complete None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors.
43 CVE-2012-1998 DoS +Info 2013-03-11 2013-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1997.
44 CVE-2012-1997 DoS +Info 2013-03-11 2013-03-17
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1998.
45 CVE-2012-1995 +Info 2013-03-11 2013-03-17
3.2
None Local Low Single system Partial Partial None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors.
Total number of vulnerabilities : 45   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.