CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11997
https://notcve.org/view.php?id=CVE-2019-11997
A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in eIUM. The eIUM 8.3 FP01 customers are advised to install eIUM83FP01Patch_QXCR1001711284.20190806-1244 patch. The eIUM 9.0 customers are advised to upgrade to eIUM 9.0 FP02 PI5 or later versions. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03975en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7109
https://notcve.org/view.php?id=CVE-2018-7109
HPE has addressed a remote arbitrary file modification vulnerability in HPE enhanced Internet Usage Manager (eIUM) v9.0FP1 with the cumulative patch for v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM. HPE ha abordado una vulnerabilidad de modificación remota de archivos arbitrarios en HPE enhanced Internet Usage Manager (eIUM) v9.0FP1 con el parche acumulativo para v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM. • http://www.securityfocus.com/bid/105422 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03896en_us •