CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7077
https://notcve.org/view.php?id=CVE-2018-7077
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information. Una vulnerabilidad de seguridad en HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 anterior a 8.6.0-00) y Configuration Manager (CM 8.5.0-00 anterior a 8.6.0-00) podría explotarse para permitir el acceso no autorizado local y remoto a información sensible. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03860en_us •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-7095
https://notcve.org/view.php?id=CVE-2018-7095
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow access restriction bypass. Se ha identificado una vulnerabilidad de seguridad en 3PAR Service Processor (SP) en versiones anteriores a la SP-4.4.0.GA-110(MU7). La vulnerabilidad podría explotarse remotamente para lograr omitir las restricciones de acceso. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03861en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03884en_us •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2018-7098
https://notcve.org/view.php?id=CVE-2018-7098
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal. Se ha identificado una vulnerabilidad de seguridad en 3PAR Service Processor (SP) en versiones anteriores a la SP-4.4.0.GA-110(MU7). La vulnerabilidad podría explotarse de forma remota para permitir el salto de directorio. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03861en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03884en_us • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-7097
https://notcve.org/view.php?id=CVE-2018-7097
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery. Se ha identificado una vulnerabilidad de seguridad en 3PAR Service Processor (SP) en versiones anteriores a la SP-4.4.0.GA-110(MU7). La vulnerabilidad podría explotarse remotamente para lograr Cross-Site Request Forgery (CSRF). • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03861en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03884en_us • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7093
https://notcve.org/view.php?id=CVE-2018-7093
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. Una vulnerabilidad de seguridad en HPE Integrated Lights-Out 3 en versiones anteriores a la v1.90, iLO 4 en versiones anteriores a la v2.60, iLO 5 en versiones anteriores a la v1.30, Moonshot Chassis Manager con firmware en versiones anteriores a la v1.58 y Moonshot Component Pack en versiones anteriores a la v2.55 podría explotarse de forma remota para crear una denegación de servicio (DoS). • http://www.securitytracker.com/id/1041435 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03835en_us •