CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37931 – A vulnerability in NetBatch-Plus software allows unauthorized access to the application
https://notcve.org/view.php?id=CVE-2022-37931
22 Nov 2022 — A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details. Una vulnerabilidad en el software NetBatch-Plus permite el acceso no autorizado a la aplicación. HPE ha proporcionado un workaround. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbns04388en_us • CWE-287: Improper Authentication •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-7119
https://notcve.org/view.php?id=CVE-2018-7119
10 May 2019 — A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safe... • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03910en_us •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6653
https://notcve.org/view.php?id=CVE-2018-6653
01 Mar 2018 — comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. comforte SWAP, de la versión 1049 hasta la 1069 y la versión 20.0.0 hasta... • https://comforte.com/cve-2018-6653 • CWE-326: Inadequate Encryption Strength •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5788
https://notcve.org/view.php?id=CVE-2017-5788
15 Feb 2018 — A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. Se ha encontrado una vulnerabilidad de divulgación de información local en HPE NonStop Software Essentials T0894 T0894H02 hasta T0894H02^AAI. • http://www.securitytracker.com/id/1038026 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 7%CPEs: 3EXPL: 0CVE-2017-5803
https://notcve.org/view.php?id=CVE-2017-5803
15 Feb 2018 — A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found. Se ha encontrado una vulnerabilidad de revelación remota de información en HPE NonStop Servers que emplean SSH Service version L series: T0801L02 hasta T0801L02^ABX; J y H series: T0801H01 hasta T0801H01^ACA. • http://www.securityfocus.com/bid/98052 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8974 – HPE Security Bulletin HPESBNS03804 1
https://notcve.org/view.php?id=CVE-2017-8974
14 Jan 2018 — A Local Authentication Restriction Bypass vulnerability in HPE NonStop Server version L-Series: T6533L01 through T6533L01^ADN; J-Series and H-series: T6533H02 through T6533H04^ADF and T6533H05 through T6533H05^ADL was found. En la versión 1.0 de SAP HANA Extended Application Services, una contraseña keystore plana se escribe en un archivo de registro del sistema, lo que podría poner en peligro la confidencialidad de la comunicación SSL. A security vulnerability in HPE NonStop Server may allow local authenti... • http://www.securityfocus.com/bid/102530 •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2123
https://notcve.org/view.php?id=CVE-2015-2123
25 May 2015 — Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. Vulnerabilidad no especificada en HP NonStop Safeguard Security Software H06.x, L15.02, y J06.x anterior a J06.19 permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento del acceso a Expand. • http://www.securityfocus.com/bid/74819 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-2629
https://notcve.org/view.php?id=CVE-2014-2629
12 Aug 2014 — HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time. HP NonStop Safeguard Security Software G, H06.03 hasta H06.28.01, y J06.03 hasta J06.17.01 no evalúa debidamente el DISKFILE-PATTERN ACL de un fichero de objeto de programa, lo que permite a usuarios r... • http://secunia.com/advisories/59981 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 25EXPL: 0CVE-2014-2627
https://notcve.org/view.php?id=CVE-2014-2627
01 Aug 2014 — Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors. Vulnerabilidad no especificada en HP NonStop NetBatch G06.14 hasta G06.32.01, H06 hasta H06.28 y J06 hasta J06.17.01 permite a usuarios remotos autenticados ganar privilegios para la ejecución de trabajos en NetBatch a través de vectores desconocidos. • http://secunia.com/advisories/60617 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2013-2322
https://notcve.org/view.php?id=CVE-2013-2322
28 Jun 2013 — HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue. HP SQL/MX v3.2 y anteriores en los servidores NonStop, cuando se utilizan objetos SQL/MP, permite a los usuarios autenticados remotamente ontener información sensible a través de vectores no especificados, también conocido como "índice SQL/MP". • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03762155 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •