18 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

A vulnerability in NetBatch-Plus software allows unauthorized access to the application.  HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details. Una vulnerabilidad en el software NetBatch-Plus permite el acceso no autorizado a la aplicación. HPE ha proporcionado un workaround. Consulte el boletín de seguridad de HPE HPESBNS04388 para obtener más detalles. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbns04388en_us • CWE-287: Improper Authentication •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0

A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials. Se identificó una vulnerabilidad de Revelación de información local sensible en HPE NonStop Safeguard, versión anterior a SPR T9750L01^AIC o T9750H05^AIH, y en versiones posteriores cuando el atributo de configuración PASSWORD-PROMPT no está configurado en BLIND; todas las versiones en H-series. STDSEC-STANDARD SECURITY PROD Todas las versiones anteriores a T6533L01^ADU o T6533H05^ADW, y las versiones posteriores cuando el atributo de configuración PASSWORD-PROMPT no está configurado en BLIND y todas las versiones de la serie H . • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03910en_us •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. comforte SWAP, de la versión 1049 hasta la 1069 y la versión 20.0.0 hasta la 21.5.3 (tal y como se emplea en SSLOBJ en HPE NonStop SSL T0910, y en los productos comforte SecurCS, SecurFTP, SecurLib/SSL-AT y SecurTN), tras ejecutar el comando RELOAD CERTIFICATES, no asegura que los clientes emplean una suite de cifrado TLS fuerte. Esto facilita que atacantes remotos superen los mecanismos de protección criptográfica planeados rastreando la red. Esto se ha solucionado en la versión 21.6.0. • https://comforte.com/cve-2018-6653 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03827en_us • CWE-326: Inadequate Encryption Strength •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. Se ha encontrado una vulnerabilidad de divulgación de información local en HPE NonStop Software Essentials T0894 T0894H02 hasta T0894H02^AAI. • http://www.securitytracker.com/id/1038026 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03708en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found. Se ha encontrado una vulnerabilidad de revelación remota de información en HPE NonStop Servers que emplean SSH Service version L series: T0801L02 hasta T0801L02^ABX; J y H series: T0801H01 hasta T0801H01^ACA. • http://www.securityfocus.com/bid/98052 http://www.securitytracker.com/id/1038370 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03735en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03735en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •