Summary
Detail | |||
---|---|---|---|
Vendor | Hp | First view | 2015-08-24 |
Product | Business Service Management | Last view | 2018-08-06 |
Version | 9.25 | Type | Application |
Update | ip1 | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:hp:business_service_management |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2018-08-06 | CVE-2016-4405 | A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 |
5.4 | 2018-08-06 | CVE-2016-4392 | A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1. |
5 | 2015-08-24 | CVE-2015-3269 | Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-502 | Deserialization of Untrusted Data |
33% (1) | CWE-200 | Information Exposure |
33% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0205 | Adobe Cold Fusion Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0061363 |
2015-B-0102 | Adobe LiveCycle Data Services Information Disclosure Vulnerability Severity: Category I - VMSKEY: V0061331 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2016-03-09 | Name: The remote host is affected by an external entity injection vulnerability. File: hp_operations_manager_i_hpsbgn03550.nasl - Type: ACT_GATHER_INFO |
2015-12-22 | Name: The remote host has a virtualization management application installed that is... File: vmware_vcenter_vmsa-2015-0008.nasl - Type: ACT_GATHER_INFO |
2015-09-03 | Name: A web-based application running on the remote Windows host is affected by an ... File: coldfusion_win_apsb15-21.nasl - Type: ACT_GATHER_INFO |
2015-04-13 | Name: The remote Windows host has an application installed that is affected by mult... File: vmware_horizon_view_VMSA-2015-0003.nasl - Type: ACT_GATHER_INFO |