Summary
Detail | |||
---|---|---|---|
Vendor | Hp | First view | 2011-04-06 |
Product | Network Node Manager I | Last view | 2014-04-19 |
Version | 9.03 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:hp:network_node_manager_i |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
10 | 2014-04-19 | CVE-2013-6218 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors. |
5 | 2013-07-29 | CVE-2011-1483 | wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. |
4.3 | 2013-02-06 | CVE-2012-3279 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
4.3 | 2012-08-07 | CVE-2012-2022 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
4.3 | 2012-07-05 | CVE-2012-2018 | Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
4.3 | 2011-11-16 | CVE-2011-4156 | Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155. |
4.3 | 2011-11-16 | CVE-2011-4155 | Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156. |
4.3 | 2011-05-13 | CVE-2011-1855 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors. |
6.5 | 2011-04-22 | CVE-2011-1534 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors. |
4 | 2011-04-06 | CVE-2011-0895 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (5) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
76963 | HP Network Node Manager i Unspecified XSS (2011-4156) |
76962 | HP Network Node Manager i Unspecified XSS (2011-4155) |
75613 | JBoss Multiple Product Web Services Native DTD Parsing Remote DoS |
73162 | HP Network Node Manager i (NNMi) Unspecified Local Log File Access |
71967 | HP Network Node Manager i (NNMi) Unspecified Remote Access Restriction Bypass |
71585 | HP Network Node Manager i (NNMi) Unspecified Remote Information Disclosure |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2012-B-0074 | Multiple Cross-Site Scripting Vulnerabilities in HP Network Node Manager i (N... Severity: Category I - VMSKEY: V0033555 |
2011-B-0119 | Multiple Red Hat JBoss Products Remote Denial of Service Vulnerability Severity: Category II - VMSKEY: V0030272 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | HP Network Node Manager cross site scripting attempt RuleID : 20845 - Type : SERVER-WEBAPP - Revision : 9 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-12-08 | Name: The remote web server hosts an application that is affected by a cross- site ... File: hp_nnmi_HPSBMU02798-rhel.nasl - Type: ACT_GATHER_INFO |
2013-09-26 | Name: The remote web server hosts an application that is affected by a cross- site ... File: hp_nnmi_HPSB3C02687.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2011-1301.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2011-1306.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2011-1309.nasl - Type: ACT_GATHER_INFO |
2012-03-06 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_41983.nasl - Type: ACT_GATHER_INFO |
2012-03-06 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_42328.nasl - Type: ACT_GATHER_INFO |