CVSS: 6.8EPSS: 2%CPEs: 11EXPL: 0CVE-2012-5212 – Hewlett-Packard Intelligent Management Center JavaService Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2012-5212
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1663. Vulnerabilidad no especificada en P Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permitiendo a atacantes remotos obtener información sensible, modificar datos o causar una denegación de servicio mediante vectores desconocidos, también conocida como ZDI-CAN-1663. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the communication channel between the JavaService server and the Monitoring Deployment Agent. By abusing this flaw an attacker can disclose administrative credentials and possibly leverage this situation to achieve remote code execution. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 10.0EPSS: 79%CPEs: 11EXPL: 1CVE-2012-5201 – Hewlett-Packard Intelligent Management Center mibFileUpload Servlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-5201
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, también conocida como ZDI-CAN-1611. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mibFileUpload servlet. Authentication is not required to access this servlet, which allows a file to be written to the server. • https://www.exploit-db.com/exploits/24891 http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 8.5EPSS: 2%CPEs: 11EXPL: 0CVE-2012-5208 – Hewlett-Packard Intelligent Management Center DownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2012-5208
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1615. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permitiendo a atacantes remotos obtener información sensible, modificar datos o causar una denegación de servicio mediante vectores desconocidos, también conocida como ZDI-CAN-1615. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet. This servlet contains a directory traversal vulnerability that allows any file readable by SYSTEM to be disclosed. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 7.5EPSS: 78%CPEs: 11EXPL: 0CVE-2012-5204 – Hewlett-Packard Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2012-5204
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) y Intelligent Management Center para Automated Network Manager (ANM) anterior a v5.2 E0401, permitiendo a atacantes remotos obtener información sensible, modificar datos o causar una denegación de servicio mediante vectores desconocidos, también conocida como ZDI-CAN-1614. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IctDownloadServlet. Authentication is not required to access this servlet, which allows any file readable by SYSTEM to be disclosed. • http://marc.info/?l=bugtraq&m=136268852804156&w=2 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03689276 •
CVSS: 10.0EPSS: 83%CPEs: 7EXPL: 1CVE-2012-3274 – HP Intelligent Management Center < 5.0 E0102 - UAM Buffer Overflow
https://notcve.org/view.php?id=CVE-2012-3274
Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data. Vulnerabilidad de desobrdamiento de búfer basado en pila en uam.exe en el componente User Access Manager (UAM) en HP Intelligent Management Center (IMC) antes de v5.1 E0101P01 permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con el registro de datos. • https://www.exploit-db.com/exploits/41710 http://zerodayinitiative.com/advisories/ZDI-12-171 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03589863 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •