3 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. HPE Asset Manager 9.40, 9.41 y 9.50 y Asset Manager CloudSystem Chargeback 9.40 permiten a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05064889 • CWE-19: Data Processing Errors •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors. HP Asset Manager 9.40 y 9.41 en versiones anteriores a 9.41.11103 P4-rev1 y 9.50 en versiones anteriores a 9.50.11925 P3 permite a usuarios locales obtener información sensible a través de vectores no especificados. • http://www.securityfocus.com/bid/77303 http://www.securitytracker.com/id/1033957 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04863562 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability. Se presenta una vulnerabilidad de divulgación de información en HP SiteScope versiones 11.2 y 11.3 en Windows, Linux y Solaris, HP Asset Manager versiones 9.30 hasta 9.32, 9.40 hasta 9.41, 9.50 y Asset Manager Cloudsystem Chargeback versión 9.40, lo que podría permitir a un usuario malicioso remoto obtener información confidencial. Esta es la vulnerabilidad TLS, se conoce como la vulnerabilidad RC4 Cipher Bar Mitzvah. • http://marc.info/?l=bugtraq&m=143455780010289&w=2 http://marc.info/?l=bugtraq&m=143629738517220&w=2 http://www.securityfocus.com/bid/75258 https://packetstormsecurity.com/files/cve/CVE-2015-2802 https://securitytracker.com/id/1032599 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •