This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 2011-04-06
Product Network Node Manager I Last view 2014-09-10
Version 9.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:hp:network_node_manager_i

Activity : Overall

Related : CVE

  Date Alert Description
10 2014-09-10 CVE-2014-2624

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.

4.3 2014-05-09 CVE-2013-6220

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0, 9.10, and 9.20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

10 2014-04-19 CVE-2013-6218

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

5 2013-07-29 CVE-2011-1483

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.

7.5 2013-07-13 CVE-2013-2351

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

4.3 2013-02-06 CVE-2012-3279

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2012-08-07 CVE-2012-2022

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2012-07-05 CVE-2012-2018

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2011-05-13 CVE-2011-1855

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors.

6.5 2011-04-22 CVE-2011-1534

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.

4 2011-04-06 CVE-2011-0895

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.

CWE : Common Weakness Enumeration

%idName
100% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Open Source Vulnerability Database (OSVDB)

id Description
75613 JBoss Multiple Product Web Services Native DTD Parsing Remote DoS
73162 HP Network Node Manager i (NNMi) Unspecified Local Log File Access
71967 HP Network Node Manager i (NNMi) Unspecified Remote Access Restriction Bypass
71585 HP Network Node Manager i (NNMi) Unspecified Remote Information Disclosure

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0136 HP Network Node Manager i Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0054317
2013-B-0073 HP Network Node Manager i (NNMi) Unauthorized Access Vulnerability
Severity: Category I - VMSKEY: V0039335
2012-B-0074 Multiple Cross-Site Scripting Vulnerabilities in HP Network Node Manager i (N...
Severity: Category I - VMSKEY: V0033555
2011-B-0119 Multiple Red Hat JBoss Products Remote Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0030272

Snort® IPS/IDS

Date Description
2015-01-13 HP Network Node Manager ovopi.dll command 685 insecure pointer dereference at...
RuleID : 32729 - Type : POLICY-OTHER - Revision : 3
2015-01-06 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32628 - Type : SERVER-OTHER - Revision : 3
2014-12-16 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32530 - Type : SERVER-OTHER - Revision : 3
2014-12-09 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32403 - Type : SERVER-OTHER - Revision : 3
2014-12-04 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32371 - Type : SERVER-OTHER - Revision : 4
2014-11-16 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32085 - Type : SERVER-OTHER - Revision : 4
2014-11-16 HP Network Node Manager ovopi.dll buffer overflow attempt
RuleID : 32084 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

id Description
2014-12-08 Name: The remote web server hosts an application that is affected by a cross- site ...
File: hp_nnmi_HPSBMU02798-rhel.nasl - Type: ACT_GATHER_INFO
2014-12-08 Name: The remote host is potentially affected by multiple vulnerabilities.
File: hp_nnmi_HPSBMU03035-rhel.nasl - Type: ACT_GATHER_INFO
2014-12-08 Name: The remote host is potentially affected by multiple vulnerabilities.
File: hp_nnmi_HPSBMU03035.nasl - Type: ACT_GATHER_INFO
2014-12-08 Name: The remote host is potentially affected by a remote code execution vulnerabil...
File: hp_nnmi_HPSBMU03075-rhel.nasl - Type: ACT_GATHER_INFO
2014-09-17 Name: The remote host is potentially affected by a remote code execution vulnerabil...
File: hp_nnmi_HPSBMU03075.nasl - Type: ACT_GATHER_INFO
2013-09-26 Name: The remote web server hosts an application that is affected by a cross- site ...
File: hp_nnmi_HPSB3C02687.nasl - Type: ACT_GATHER_INFO
2013-07-17 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_43408.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2011-1301.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2011-1306.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-1309.nasl - Type: ACT_GATHER_INFO
2012-03-06 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_41983.nasl - Type: ACT_GATHER_INFO
2012-03-06 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_42328.nasl - Type: ACT_GATHER_INFO