CVE-2018-6653
https://notcve.org/view.php?id=CVE-2018-6653
comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. comforte SWAP, de la versión 1049 hasta la 1069 y la versión 20.0.0 hasta la 21.5.3 (tal y como se emplea en SSLOBJ en HPE NonStop SSL T0910, y en los productos comforte SecurCS, SecurFTP, SecurLib/SSL-AT y SecurTN), tras ejecutar el comando RELOAD CERTIFICATES, no asegura que los clientes emplean una suite de cifrado TLS fuerte. Esto facilita que atacantes remotos superen los mecanismos de protección criptográfica planeados rastreando la red. Esto se ha solucionado en la versión 21.6.0. • https://comforte.com/cve-2018-6653 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03827en_us • CWE-326: Inadequate Encryption Strength •
CVE-2017-5788
https://notcve.org/view.php?id=CVE-2017-5788
A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. Se ha encontrado una vulnerabilidad de divulgación de información local en HPE NonStop Software Essentials T0894 T0894H02 hasta T0894H02^AAI. • http://www.securitytracker.com/id/1038026 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03708en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-5803
https://notcve.org/view.php?id=CVE-2017-5803
A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found. Se ha encontrado una vulnerabilidad de revelación remota de información en HPE NonStop Servers que emplean SSH Service version L series: T0801L02 hasta T0801L02^ABX; J y H series: T0801H01 hasta T0801H01^ACA. • http://www.securityfocus.com/bid/98052 http://www.securitytracker.com/id/1038370 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03735en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03735en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-8974
https://notcve.org/view.php?id=CVE-2017-8974
A Local Authentication Restriction Bypass vulnerability in HPE NonStop Server version L-Series: T6533L01 through T6533L01^ADN; J-Series and H-series: T6533H02 through T6533H04^ADF and T6533H05 through T6533H05^ADL was found. En la versión 1.0 de SAP HANA Extended Application Services, una contraseña keystore plana se escribe en un archivo de registro del sistema, lo que podría poner en peligro la confidencialidad de la comunicación SSL. • http://www.securityfocus.com/bid/102530 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03804en_us •
CVE-2012-3280
https://notcve.org/view.php?id=CVE-2012-3280
Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS Remote Operation over an Expand connection. Múltiples vulnerabilidades no especificadas en HP NonStop H06.x Servidores y J06.x permitir a usuarios remotos autenticados para obtener información sensible, modificar datos, o causar una denegación de servicio a través de una operación OSS remota a través de una conexión de Expand. • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03654586 •