This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 2011-04-06
Product Network Node Manager I Last view 2014-04-19
Version 9.03 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:hp:network_node_manager_i

Activity : Overall

Related : CVE

  Date Alert Description
10 2014-04-19 CVE-2013-6218

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

5 2013-07-29 CVE-2011-1483

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.

4.3 2013-02-06 CVE-2012-3279

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2012-08-07 CVE-2012-2022

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2012-07-05 CVE-2012-2018

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 2011-11-16 CVE-2011-4156

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155.

4.3 2011-11-16 CVE-2011-4155

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156.

4.3 2011-05-13 CVE-2011-1855

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors.

6.5 2011-04-22 CVE-2011-1534

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.

4 2011-04-06 CVE-2011-0895

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.

CWE : Common Weakness Enumeration

%idName
100% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Open Source Vulnerability Database (OSVDB)

id Description
76963 HP Network Node Manager i Unspecified XSS (2011-4156)
76962 HP Network Node Manager i Unspecified XSS (2011-4155)
75613 JBoss Multiple Product Web Services Native DTD Parsing Remote DoS
73162 HP Network Node Manager i (NNMi) Unspecified Local Log File Access
71967 HP Network Node Manager i (NNMi) Unspecified Remote Access Restriction Bypass
71585 HP Network Node Manager i (NNMi) Unspecified Remote Information Disclosure

Information Assurance Vulnerability Management (IAVM)

id Description
2012-B-0074 Multiple Cross-Site Scripting Vulnerabilities in HP Network Node Manager i (N...
Severity: Category I - VMSKEY: V0033555
2011-B-0119 Multiple Red Hat JBoss Products Remote Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0030272

Snort® IPS/IDS

Date Description
2014-01-10 HP Network Node Manager cross site scripting attempt
RuleID : 20845 - Type : SERVER-WEBAPP - Revision : 9

Nessus® Vulnerability Scanner

id Description
2014-12-08 Name: The remote web server hosts an application that is affected by a cross- site ...
File: hp_nnmi_HPSBMU02798-rhel.nasl - Type: ACT_GATHER_INFO
2013-09-26 Name: The remote web server hosts an application that is affected by a cross- site ...
File: hp_nnmi_HPSB3C02687.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2011-1301.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2011-1306.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-1309.nasl - Type: ACT_GATHER_INFO
2012-03-06 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_41983.nasl - Type: ACT_GATHER_INFO
2012-03-06 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHSS_42328.nasl - Type: ACT_GATHER_INFO