CVSS: 7.8EPSS: 90%CPEs: 2EXPL: 0CVE-2014-2618 – Hewlett-Packard Intelligent Management Center BIMS UploadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2618
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2080. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, también conocido como ZDI-CAN-2080. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadServlet servlet. This servlet contains a directory traversal issue which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68540 http://www.securitytracker.com/id/1030568 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2014-2620 – Hewlett-Packard Intelligent Management Center FaultDownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2620
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2089. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, también conocido como ZDI-CAN-2089. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FaultDownloadServlet servlet. This servlet contains a directory traversal issue which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68544 http://www.securitytracker.com/id/1030568 https://exchange.xforce.ibmcloud.com/vulnerabilities/94490 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2014-2621 – Hewlett-Packard Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2621
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, también conocido como ZDI-CAN-2090. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IctDownloadServlet servlet. This servlet contains a directory traversal issue which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68546 http://www.securitytracker.com/id/1030568 https://exchange.xforce.ibmcloud.com/vulnerabilities/94491 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2014-2619 – Hewlett-Packard Intelligent Management Center SyslogDownloadServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2619
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2088. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, también conocido como ZDI-CAN-2088. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SyslogDownloadServlet servlet. This servlet contains a directory traversal issue which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68543 http://www.securitytracker.com/id/1030568 https://exchange.xforce.ibmcloud.com/vulnerabilities/94489 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2622 – Hewlett-Packard Intelligent Management Center RssServlet Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-2622
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312. Vulnerabilidad no especificada en HP Intelligent Management Center (iMC) anterior a 7.0 E02020P03 y Branch Intelligent Management System (BIMS) anterior a 7.0 E0201P02 permite a usuarios remotos autenticados obtener información sensible o modificar datos a través de vectores desconocidos, también conocido como ZDI-CAN-2312. This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is required to exploit this vulnerability. The specific flaw exists within the RssServlet servlet. This servlet exhibits an XML external entity injection vulnerability which allows any file readable by SYSTEM to be disclosed. • http://www.securityfocus.com/bid/68547 http://www.securitytracker.com/id/1030568 https://exchange.xforce.ibmcloud.com/vulnerabilities/94492 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04369484 •