Hp

Procurve Manager

6 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2013-4809

  • EPSS 0.86%
  • Veröffentlicht 16.09.2013 13:01:46
  • Zuletzt bearbeitet 22.04.2025 14:51:37

Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parame...

10

CVE-2013-4810

Warnung Exploit
  • EPSS 85.88%
  • Veröffentlicht 16.09.2013 13:01:46
  • Zuletzt bearbeitet 11.04.2025 00:51:21

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServ...

10

CVE-2013-4811

  • EPSS 83.54%
  • Veröffentlicht 16.09.2013 13:01:46
  • Zuletzt bearbeitet 22.04.2025 14:51:37

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload ...

10

CVE-2013-4812

  • EPSS 74%
  • Veröffentlicht 16.09.2013 13:01:46
  • Zuletzt bearbeitet 22.04.2025 14:51:37

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .j...

10

CVE-2013-4813

  • EPSS 6.4%
  • Veröffentlicht 16.09.2013 13:01:46
  • Zuletzt bearbeitet 22.04.2025 14:51:37

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

5

CVE-2007-4514

  • EPSS 0.86%
  • Veröffentlicht 15.04.2009 10:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.