This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 2015-08-24
Product Business Service Management Last view 2018-08-06
Version 9.25 Type Application
Update ip1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:hp:business_service_management

Activity : Overall

Related : CVE

  Date Alert Description
8.8 2018-08-06 CVE-2016-4405

A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26

5.4 2018-08-06 CVE-2016-4392

A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1.

5 2015-08-24 CVE-2015-3269

Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-502 Deserialization of Untrusted Data
33% (1) CWE-200 Information Exposure
33% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0205 Adobe Cold Fusion Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0061363
2015-B-0102 Adobe LiveCycle Data Services Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0061331

Nessus® Vulnerability Scanner

id Description
2016-03-09 Name: The remote host is affected by an external entity injection vulnerability.
File: hp_operations_manager_i_hpsbgn03550.nasl - Type: ACT_GATHER_INFO
2015-12-22 Name: The remote host has a virtualization management application installed that is...
File: vmware_vcenter_vmsa-2015-0008.nasl - Type: ACT_GATHER_INFO
2015-09-03 Name: A web-based application running on the remote Windows host is affected by an ...
File: coldfusion_win_apsb15-21.nasl - Type: ACT_GATHER_INFO
2015-04-13 Name: The remote Windows host has an application installed that is affected by mult...
File: vmware_horizon_view_VMSA-2015-0003.nasl - Type: ACT_GATHER_INFO