Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> Network Automation  >> 10.00  Security Vulnerabilities
CVE-2018-6492
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.
CVSS Score
4.7
EPSS Score
0.004
Published
2018-05-22
CVE-2018-6493
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
CVSS Score
8.7
EPSS Score
0.002
Published
2018-05-22
CVE-2017-5810
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
9.8
EPSS Score
0.134
Published
2018-02-15
CVE-2017-5811
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
7.5
EPSS Score
0.148
Published
2018-02-15
CVE-2017-5812
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
7.5
EPSS Score
0.065
Published
2018-02-15
CVE-2017-5813
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
6.3
EPSS Score
0.005
Published
2018-02-15
CVE-2017-5814
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS Score
9.8
EPSS Score
0.371
Published
2018-02-15
CVE-2016-8511
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
CVSS Score
9.8
EPSS Score
0.205
Published
2018-02-15
CVE-2016-4385
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
CVSS Score
7.3
EPSS Score
0.049
Published
2016-09-29
CVE-2016-1989
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.
CVSS Score
9.8
EPSS Score
0.306
Published
2016-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved