Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> Data Protector  >> 8.14  Security Vulnerabilities
CVE-2017-5807
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
9.8
EPSS Score
0.231
Published
2018-02-15
CVE-2017-5808
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
7.5
EPSS Score
0.169
Published
2018-02-15
CVE-2017-5809
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS Score
5.5
EPSS Score
0.017
Published
2018-02-15
CVE-2016-2008
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.105
Published
2016-04-21
CVE-2016-2007
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
CVSS Score
9.8
EPSS Score
0.204
Published
2016-04-21
CVE-2016-2006
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
CVSS Score
9.8
EPSS Score
0.204
Published
2016-04-21
CVE-2016-2005
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
CVSS Score
9.8
EPSS Score
0.204
Published
2016-04-21
CVE-2016-2004
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
CVSS Score
9.8
EPSS Score
0.943
Published
2016-04-21
CVE-2011-0921
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.
CVSS Score
10.0
EPSS Score
0.113
Published
2011-02-09
CVE-2011-0922
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
CVSS Score
10.0
EPSS Score
0.642
Published
2011-02-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved