HPE Security Bulletin HPESBHF03776 1 - A potential security vulnerability has been identified in HPE Intelligent Management Center (iMC) Service Operation Management (SOM). The vulnerability could be remotely exploited to allow arbitrary file download and disclosure of information. Revision 1 of this advisory.
cb1d256f53870308120074e2aae29011ea977e0b63df4915d0391790433d52bb
HPE Security Bulletin HPESBMU03753 1 - Several potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Cross-site scripting, local and remote Denial of Service, local and remote execution of arbitrary code, local elevation of privilege and local unqualified configuration change. Revision 1 of this advisory.
8aebece5aa468ae51cd352fc00bf4f6f2e1373b2a2a9227a4a8e9385983057cb
HPE Security Bulletin HPESBGN03773 2 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 2 of this advisory.
b9537e8d57a0d231e698e3b91604a181835b850d18eb806d57883a364fa1ef95
HPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.
e9c0d18cf651d50a4dee299bf48dc290afb61e9ac7f068fd772a3553a46b4e76
HPE Security Bulletin HPESBUX03772 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to allow Denial of Service (DoS), and unauthorized read access to data. Revision 1 of this advisory.
d052d1d36421886aa892f783d7c2fcc936d36c83861414f591ccae68affbfb54
HPE Security Bulletin HPESBGN03765 2 - A security vulnerability in the DES/3DES block ciphers used in the TLS protocol could potentially impact HPE LoadRunner and HPE Performance Center resulting in remote disclosure of information. This is also known as the SWEET32 attack. Revision 2 of this advisory.
948d29ad7d087b66e32a4c02373d48f779582beea0bda6a1bd420ce52660e466
HPE Security Bulletin HPESBGN03767 1 - A potential security vulnerability has been identified in HPE Operations Orchestration product. The vulnerability could be exploited remotely to allow execution of code. Revision 1 of this advisory.
4b17d418b655fd4fe6b152730a774cede78fd9a61ada68f04893915f466f72bd
HPE Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
2af8ae566d18e3cd782b2353bc2bd160ea874bc5b28f246c238fe9f009bc5455
HPE Security Bulletin HPESBHF03769 1 - A potential security vulnerability has been identified in HPE Integrated Lights-out (iLO 4). The vulnerability could be exploited remotely to allow authentication bypass and execution of code. Revision 1 of this advisory.
55e502bbbda3b626b9c1e5d89f1185c6db3ed04eb47bc7d55058c15b071a11c7
HPE Security Bulletin HPESB3P03762 1 - HPE StoreFabric C-series Switch Software uses Ciscos Prime Data Center Network Manager (DCNM). Cisco has identified a remote code execution vulnerability in two versions of Cisco Prime Data Center Network Manager (DCNM) which HPE had included for download for customers under contract from the HPE Support Center. The affected versions of DCNM are 10.1(1) and 10.1(2). HPE bundled these DCNM versions with the following MDS and Nexus firmware downloads: * MDS 7.3(0)DY(1), released February 2017 * MDS 7.3(1)DY(1), released April 2017 * Nexus 5.2(1)N1(9b), released May 2017 **Note:** A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the lack of authentication and authorization mechanisms for a debugging tool that was inadvertently enabled in the affected software. An attacker could exploit this vulnerability by remotely connecting to the debugging tool via TCP. A successful exploit could allow the attacker to access sensitive information about the affected software or execute arbitrary code with root privileges on the affected system. Revision 1 of this advisory.
a8e09be97b4de5cb5a24c72c56585c40b90a364dc24e2d76e252404144141bc3
HPE Security Bulletin HPESB3P03767 1 - A potential security problem has been identified in HPE Proliant ML10 Gen9 server using Intel Xeon E3-1200M v5 and 6th Generation Intel Core Processors. The vulnerability could allow a remote unauthorized attacker to write to file systems. Revision 1 of this advisory.
e9625c5952f23e5da1724f3d2f9659cd484fb012898274e6f3ed49b87180307c
HPE Security Bulletin HPESBHF03763 1 - A potential security vulnerability has been identified in Comware 7, IMC, VCX products using OpenSSL. The vulnerability could be remotely exploited to allow a denial of service. Revision 1 of this advisory.
dd90f3774a636d9a02b6b19489b9140bcc74ec400ed8e03d4f0760a175b70415
HPE Security Bulletin HPESBGN03766 1 - A potential security vulnerability has been identified in HPE Project and Portfolio Management(PPM) product. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.
95661b488cdbb0398e92018f5333222cec278c771ca878bbd7b6bd05f435c0a1
HPE Security Bulletin HPESBHF03765 1 - Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
022069972577db48d8cb81bb5e40218f836f168ecf9948fbce4699190ff05d6d
HPE Security Bulletin HPESBHF03745 3 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 3 of this advisory.
23505b51f81192e0e759e9785464536c2a54464f9d9e61cf59d1be481622ca5c
HPE Security Bulletin HPESBHF03766 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5 used in certain ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
3edfee76e1994530da7a06fe189c9516c8fd4b472f41291e675135108bd439bc
HPE Security Bulletin HPESBGN03763 1 - Potential security vulnerabilities have been identified in HPE SiteScope. The vulnerabilities could be exploited to allow disclosure of sensitive information, bypass security restriction, and remote arbitrary code execution. Revision 1 of this advisory.
f658bb859acd2dba5129f2333bff36ab95e2e9cc867b0864639769154f072376
HPE Security Bulletin HPESBGN03762 1 - Potential security vulnerabilities have been identified in HPE Network Node Manager i. The vulnerabilities could be remotely exploited to allow bypass security restrictions, cross-site scripting (XSS), and/or URL redirection. Revision 1 of this advisory.
5e87f3dd4177244be5a1d11c4b186e953125271e1fadbf0f71c40169f7525270
HPE Security Bulletin HPESBHF03745 2 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 2 of this advisory.
d942528bda72b4e150cab486d47ec95daa6697920d454ce2c526f91ce2edecea
HPE Security Bulletin HPESBNS03755 1 - HPE NonStop Server using Samba is vulnerable to remote code execution and remote access restriction bypass. Revision 1 of this advisory.
6264307a040e00f452b44dd1e3a75e45b9b8464c01f2410521a492ef1512dc09
HPE Security Bulletin HPESBGN03758 2 - A potential security vulnerability has been identified in HPE UCMDB. The vulnerability could be remotely exploited to allow execution of code. Revision 2 of this advisory.
ab6b5836b62571bc059b984ff4a507076fc609ead23c5296bedd4094b58a797f
HPE Security Bulletin HPESBGN03761 1 - A security vulnerability in Linux kernel, also known as "Dirty COW", has been addressed in HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer Virtual appliance. This vulnerability could be exploited remotely to allow escalation of privilege. Revision 1 of this advisory.
0dd6f8226b7bbd3f4d24c1a42590e546556300125d345a6bba2fc7e16c1477d2
HPE Security Bulletin HPESBUX03747 1 - Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
e2e5b276cc198c17e717203f109a370c6bbf5a07dcbb5469ea786b96e97ece0d
HPE Security Bulletin HPESBUX03759 1 - Potential security vulnerabilities have been identified in HPE HP-UX CIFS server using Samba. The vulnerabilities can be exploited remotely to allow authentication bypass, code execution, and unauthorized access. Revision 1 of this advisory.
907e4dc114d339b31af4790877bd5a64a24b626c8fad921208d36c1750338edc
HPE Security Bulletin HPESBHF03730 2 - Potential security vulnerabilities have been identified in HPE Aruba ClearPass Policy Manager. The vulnerabilities could be remotely exploited to allow access restriction bypass, arbitrary command execution, cross site scripting (XSS), escalation of privilege and disclosure of information. Revision 2 of this advisory.
1c68d7665ce163cfc88b5794bc70ac143cf7ec06283e0cdded0598de1c32fea7