CVE-2015-2108
https://notcve.org/view.php?id=CVE-2015-2108
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Powershell Operations en HP Operations Orchestration 9.x y 10.x permite a usuarios remotos autenticados obtener información sensible a través de vectores desconocidos. • http://www.securityfocus.com/bid/73320 http://www.securitytracker.com/id/1031987 https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-2109
https://notcve.org/view.php?id=CVE-2015-2109
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors. Vulnerabilidad no especificada en HP Operations Orchestration 10.x permite a atacantes remotos evadir la autenticación, y obtener información sensible o modificar datos, a través de vectores desconocidos. • http://www.securityfocus.com/bid/73323 https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607 •
CVE-2013-6191 – HP Operations Orchestration Central 9.06 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2013-6191
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Operations Orchestration anterior a la versión 9 permite a atacantes remotos inyectar script web o HTML arbitrario a través de vectores no especificados. HP Operations Orchestration Central version 9.06 suffers from multiple cross site scripting vulnerabilities. • http://www.securitytracker.com/id/1029496 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-6192 – HP Operations Orchestration Central 9.06 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2013-6192
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en HP Operations Orchestration anterior a la versión 9 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. HP Operations Orchestration Central version 9.06 suffers from multiple cross site scripting vulnerabilities. • http://www.securitytracker.com/id/1029496 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04041093 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2012-3258
https://notcve.org/view.php?id=CVE-2012-3258
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Orchestration v9.0 antes de 9.03, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://www.securityfocus.com/bid/55594 https://exchange.xforce.ibmcloud.com/vulnerabilities/78621 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03490339 •