This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 2012-09-19
Product Operations Orchestration Last view 2018-02-15
Version 9.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:hp:operations_orchestration

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2018-02-15 CVE-2016-8519

A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.

9.8 2017-10-10 CVE-2017-8994

A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.

6.8 2015-11-22 CVE-2015-5451

Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

3.5 2015-03-31 CVE-2015-2108

Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.

10 2012-09-19 CVE-2012-3258

Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-502 Deserialization of Untrusted Data
25% (1) CWE-352 Cross-Site Request Forgery (CSRF)
25% (1) CWE-200 Information Exposure
25% (1) CWE-20 Improper Input Validation

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0042 Multiple Vulnerabilities in HP Operations Orchestration
Severity: Category I - VMSKEY: V0059783

Snort® IPS/IDS

Date Description
2017-06-29 HP Operations Orchestration unauthorized serialized object attempt
RuleID : 43007 - Type : SERVER-OTHER - Revision : 1

Nessus® Vulnerability Scanner

id Description
2017-09-05 Name: The remote host is affected by a remote code execution vulnerability.
File: hp_operations_orchestration_hpesbgn03767.nasl - Type: ACT_GATHER_INFO
2017-01-16 Name: The remote host is affected by a remote code execution vulnerability.
File: hp_operations_orchestration_bridge_exec.nasl - Type: ACT_ATTACK
2017-01-12 Name: The remote host is affected by a remote code execution vulnerability.
File: hp_operations_orchestration_hpsbgn03688.nasl - Type: ACT_GATHER_INFO
2015-12-02 Name: The remote host is affected by an unspecified cross-site request forgery vuln...
File: hp_operations_orchestration_hpsbgn03521.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: The remote host is affected by remote information disclosure vulnerability.
File: hp_operations_orchestration_hpsbmu03291.nasl - Type: ACT_GATHER_INFO