CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2012-5213
https://notcve.org/view.php?id=CVE-2012-5213
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1662. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permite a atacantes remotos obtener información sensible mediante vectores desconocidos, también conocida como ZDI-CAN-1662. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 7.5EPSS: 2%CPEs: 11EXPL: 0CVE-2012-5205 – Hewlett-Packard Intelligent Management Center DownloadReportSourceServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2012-5205
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1650. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permitiendo a atacantes remotos obtener información sensible, modificar datos o causar una denegación de servicio mediante vectores desconocidos, también conocida como ZDI-CAN-1650. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadReportSourceServlet. Authentication is not required to access this servlet, which allows any file readable by SYSTEM to be disclosed. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 3.5EPSS: 0%CPEs: 11EXPL: 0CVE-2012-5200
https://notcve.org/view.php?id=CVE-2012-5200
Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Intelligent Management Center (iMC) y Intelligent Management Center for Automated Network Manager (ANM) anterior a v5.2 E0401 permite a usuarios remotamente autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.4EPSS: 2%CPEs: 11EXPL: 0CVE-2012-5206 – Hewlett-Packard Intelligent Management Center SyslogDownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2012-5206
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permitiendo a atacantes remotos obtener información sensible, modificar datos o causar una denegación de servicio mediante vectores desconocidos, también conocida como ZDI-CAN-1660. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SyslogDownloadServlet servlet. This servlet suffers from a directory traversal vulnerability which allows any file readable by SYSTEM to be disclosed. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 10.0EPSS: 71%CPEs: 11EXPL: 0CVE-2012-5209 – Hewlett-Packard Intelligent Management Center flexFileUpload Servlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-5209
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, también conocida como ZDI-CAN-1659. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the flexFileUpload servlet. This servlet exposes file upload functionalities and suffers from a directory traversal vulnerability which allows a file to be written to the server. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •