HP Security Bulletin HPSBHF02981 2 - A potential security vulnerability has been identified in HPE Integrated Lights-Out 2, 3, 4 (iLO2, iLO3, iLO4) and HPE Superdome Flex RMC. The vulnerability could be exploited to allow an attacker to gain unauthorized privileges and unauthorized access to privileged information. **Note:** - This vulnerability also impacts the RMC of the "Superdome Flex" Server. Revision 2 of this advisory.
a2964cc8b96f7208d5ae7e0ddcf956c8d282b386abf5ac64183dbead5d56315eHP Security Bulletin HPSBGN02925 3 - Potential security vulnerabilities have been identified with HP IceWall SSO, IceWall File Manager and IceWall Federation Agent. The vulnerabilities could be exploited remotely resulting in unauthorized access. Revision 3 of this advisory.
58327b2f8053c28f31e6ebd4c63a93b76f22bc91d91ff5f9e21c03b7fca5392dHP Security Bulletin HPSBMU02933 3 - A potential security vulnerability has been identified with HPE SiteScope's loadFileContents SOAP features. The vulnerabilities could be exploited to allow remote code execution, arbitrary file download and Denial of Service (DoS). Revision 3 of this advisory.
9de6c472c0bfacf8870bd1a3961b3220a492329eec58711c15faba3945248411HP Security Bulletin HPSBUX03596 2 - A security vulnerability in Samba was addressed by HPE HP-UX running CIFS Server (Samba). The vulnerability could be exploited resulting in remote access restriction bypass and unauthorized access. Revision 2 of this advisory.
d841f519b91c644cd53e085dff736d033e160d2adae9e3588ae69a1f6ed05cb1HP Security Bulletin HPSBMU03691 1 - Several potential security vulnerabilities have been identified in HPE Insight Control. The vulnerabilities could be exploited remotely resulting in remote denial of Service (DoS), cross-site request forgery (CSRF), remote execution of arbitrary commands, disclosure of sensitive information, cross-site scripting (XSS), bypass access restriction or unauthorized modification. Revision 1 of this advisory.
5a6300cd07db8aac889b73990a0bf5f4d05a4d50059bb2513a0f1e88ece0ae94HP Security Bulletin HPSBMU03692 1 - Multiple potential security vulnerabilities have been identified in HPE Matrix Operating Environment (MOE) on Windows. The vulnerabilities could be exploited remotely resulting in the Bypass of Security Restrictions, cross-site request forgery (CSRF), cross-site scripting (XSS), Denial of Service (DoS), Disclosure of Information, and Execution of Arbitrary Code. Revision 1 of this advisory.
d734e68989cbfbc4be512dafe6404e46d2e78c0f4363cea681f59bf053260a4dHP Security Bulletin HPSBST03588 1 - A potential security vulnerability has been identified in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS. The vulnerability could be remotely exploited resulting in arbitrary command execution. Revision 1 of this advisory.
782dd5732ac7acd5e00984a08a61b8bf153e990e7fe953e554739b420e1b2abbHP Security Bulletin HPSBHF03693 1 - A potential security vulnerability identified with Microsoft SQL Server has been addressed by HPE iMC PLAT network products. The vulnerability could be exploited remotely by an authenticated user resulting in elevation of privilege. Revision 1 of this advisory.
a0d63882ce25dc818063c38f1195d050d07c655ba273167fb6eb0fe40465556eHP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.
864bcff09d4a86c839035348112fa45614c1f5e5a95ea128a61d9122002eb2f1HP Security Bulletin HPSBHF03695 1 - A security vulnerability with the Ethernet Non-Volatile Flash Memory (NVM) image in Intel Forteville-based adapters has been addressed by certain HPE Ethernet Adaptors. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
2ef48a83b40449f8fbb254829043b60e5e679b066dd69b0e0d85eb8600f804a4HP Security Bulletin HPSBHF03441 2 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3, HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities are remotely exploitable. Revision 2 of this advisory.
725dda88fc75de2dd666620311ad115afdaf41691da1310e0ffe965f13f3659dHP Security Bulletin HPSBGN03690 1 - A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE Real User Monitor (RUM) resulting in remote disclosure of information also known as the SWEET32 attack. Revision 1 of this advisory.
499401e9b3798c5862cad1c516d6613ef4e05c3689810a8048252b9e10f61d84HP Security Bulletin HPSBMU03685 1 - Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information. Revision 1 of this advisory.
7c572b3e24df1d149872d9d6f48b13a5c0031cc58055e6a8a1c95b1c448324e2HP Security Bulletin HPSBGN03689 1 - Potential vulnerabilities have been identified in HPE Diagnostics. The vulnerabilities could be exploited remotely to allow Cross-Site Scripting and Click Jacking. Revision 1 of this advisory.
ed88ca7db613054ab5271fa9ef07330e4f7c7297e53ec4ee2aa2c73105df5c8aHP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.
74f9f0b80ca8d59cd41c5d09975ba20cb91f186b15a715a72840744163cf4c42HP Security Bulletin HPSBGN03694 1 - A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE SiteScope resulting in remote disclosure of information, also known as the SWEET32 attack. Revision 1 of this advisory.
60499046b8f857f0156f84e87369cb54b40f528e9facee341e0a82bc6cfe1da5HP Security Bulletin HPSBGN03688 1 - A potential security vulnerability has been identified in HPE Operations Orchestration. The vulnerability could be remotely exploited to allow remote code execution. Revision 1 of this advisory.
929fd7a4f81ca7c043fc1d063e55957006898f4a23d4a758def5d0d4ec15e6a0HP Security Bulletin HPSBMU03684 1 - Several potential security vulnerabilities have been identified in HPE Version Control Repository Manager(VCRM) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Cross-Site Request Forgery, Sensitive Information Disclosure, and Malicious File Upload. Revision 1 of this advisory.
db2efcf43ac141cfad7af6e6fed3070765b60681b11cc72b5ded4b70a32c2bcaHP Security Bulletin HPSBHF03674 1 - A potential security vulnerability in the DES/3DES block ciphers could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. This vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
7c7293bf6f6050952ade049598c234ee769cc0357ebd1230d65f6bdd3c669692HP Security Bulletin HPSBUX03665 3 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or URL Redirection. Revision 3 of this advisory.
9d2cd9d2c5a5326760651264d9508d7f771267c319cee95f6f5733b6837bf96bHP Security Bulletin HPSBGN03680 1 - Potential security vulnerabilities were identified in HPE Propel. The vulnerabilities could be exploited locally to allow escalation of privilege or Denial of Service (DoS). Revision 1 of this advisory.
57a0b8f53e3c2c80c2ca5903690e675b6c3f71b3a6a625cac0aa6d580cc1d45dHP Security Bulletin HPSBHF03682 1 - A security vulnerability in the Linux kernel could potentially impact HPE Comware 7 network products. The vulnerability could be exploited locally to gain privileged access. Revision 1 of this advisory.
5ace745e7feeb86db5d7075ad2a92195f1a6aacff28d5f99cf61129d804628cdHP Security Bulletin HPSBGN03677 1 - Potential security vulnerabilities in RPCServlet and Java deserialization were addressed by HPE Network Automation. The vulnerabilities could be remotely exploited to allow code execution. Revision 1 of this advisory.
3defcc454c7e4050b2e9b10207b13b98ca9f6f8e907b1fbd4d176da15c39317cHP Security Bulletin HPSBHF03673 1 - Security vulnerabilities in MD5 message digest algorithm and RC4 ciphersuite could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. These vulnerabilities could be exploited remotely to conduct spoofing attacks and plaintext recovery attacks resulting in disclosure of information. Revision 1 of this advisory.
602636acd9eb352dc892bc1bded1cab28642c3e6645b73e0d9f61fe6df4d7dd2HP Security Bulletin HPSBHF03675 1 - A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.
68e2e4afbbd1b669825b4e3ffe15b30c78592fb5f0402619943504d5f5a85d1f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed