CVSS: 10.0EPSS: 96%CPEs: 9EXPL: 2CVE-2013-4835 – HP SiteScope issueSiebelCmd SOAP Request Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-4835
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765. El servicio SOAP de APISiteScopeImpl en HP SiteScope versiones 10.1x y versiones 11.x anteriores a 11.22, permite a los atacantes remotos omitir la autenticación y ejecutar código arbitrario mediante una petición directa al método issueSiebelCmd, también conocido como ZDI-CAN-1765. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists within the issueSiebelCmd() web method. A remote attacker can abuse this web method in order to remotely execute code under the context of the SYSTEM user. • https://www.exploit-db.com/exploits/30473 http://www.exploit-db.com/exploits/30473 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969435 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03969435 •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 1CVE-2013-2367 – Hewlett-Packard SiteScope SOAP Call runOMAgentCommand Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2367
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. Múltiples vulnerabilidades sin especificar en HP SiteScope 11.20 y 11.21, cuando SOAP es usado, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. Aka ZDI-CAN-1678. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists within APIBSMIntegrationImpl's processing of the runOMAgentCommand which can be invoked through SOAP requests without prior authentication. • https://www.exploit-db.com/exploits/28188 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03861260 •
CVSS: 10.0EPSS: 12%CPEs: 3EXPL: 0CVE-2012-3259
https://notcve.org/view.php?id=CVE-2012-3259
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. Vulnerabilidad no especificada en la función SOAP en HP SiteScope 1v1.10 hasta 11.12 permite a atacantes remotos ejecutar código a través de vectores no especificados, tambíen conocido como ZDI-CAN-1461. • http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683 https://exchange.xforce.ibmcloud.com/vulnerabilities/78877 •
CVSS: 10.0EPSS: 12%CPEs: 3EXPL: 0CVE-2012-3261
https://notcve.org/view.php?id=CVE-2012-3261
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463. Una vulnerabilidad no especificada en el SOAP de HP SiteScope v11.10 a v11.12 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Se trata de un problema con el ID ZDI-CAN-1463 • http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683 http://marc.info/?l=bugtraq&m=134825051608877&w=2 •
CVSS: 7.5EPSS: 12%CPEs: 3EXPL: 0CVE-2012-3264
https://notcve.org/view.php?id=CVE-2012-3264
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472. Una vulnerabilidad no especificada en el SOAP de HP SiteScope v11.10 a v11.12 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Se trata deun problema también conocido como ZDI-CAN-1472 • http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683 http://marc.info/?l=bugtraq&m=134825051608877&w=2 •