CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2622 – Hewlett-Packard Intelligent Management Center RssServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2622
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a usuarios remotos autenticados obtener información sensible o modificar datos a través de vectores desconocidos, también conocido como ZDI-CAN-2312. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is required to exploit this vulnerability. The specific flaw exists within the RssServlet servlet. This servlet exhibits an XML external entity injection vulnerability which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68547 http://www.securitytracker.com/id/1030568 https://exchange.xforce.ibmcloud.com/vulnerabilities/94492 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •
CVSS: 10.0EPSS: 96%CPEs: 13EXPL: 1CVE-2013-4822 – Hewlett-Packard Intelligent Management Center BIMS UploadServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4822
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606. Vulnerabilidad sin especificar en HP Intelligent Management Center (iMC) y HP IMC Branch Intelligent Management System Software Module (también conocido como BIMS) permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, también conocido como ZDI-CAN-1606. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadServlet in the Branch Intelligent Management Module. Authentication is not required to access this servlet, which allows a file to be written to the server. • https://www.exploit-db.com/exploits/29130 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03943425 •
CVSS: 7.8EPSS: 97%CPEs: 13EXPL: 0CVE-2013-4823 – Hewlett-Packard Intelligent Management Center BIMS bimsDownload Servlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2013-4823
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y HP IMC Branch Intelligent Management System Software Module (BIMS) permite a atacantes remotos obtener información sensible a través de vectores desconocidos, tambien conocido como ZDI-CAN-1607. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bimsDownload servlet. Authentication is not required to access this servlet, which allows any file readable by SYSTEM to be disclosed. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03943425 •