CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6490 – MFSBGN03801 rev.1 - Micro Focus Operations Orchestration, Remote Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2018-6490
01 Mar 2018 — Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service. Vulnerabilidad de denegación de servicio (DoS) en Micro Focus Operations Orchestration Software, en versiones 10.x. La vulnerabilidad se podría explotar de forma remota para permitir una denegación de servicio (DoS). A potential security vulnerability has been identified in Micro Focus Operations Orchestration. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03103896 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 0CVE-2017-8994 – Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8994
31 Aug 2017 — A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. Una vulnerabilidad de validación de entradas en el producto HPE Operations Orchestration en todas las versiones anteriores a 10.80 permite la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Operations Orchestration. Authentication is not required to exploit th... • http://www.securityfocus.com/bid/100588 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 60%CPEs: 2EXPL: 0CVE-2016-8519 – Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-8519
04 Jan 2017 — A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found. Se ha encontrado una vulnerabilidad de ejecución remota de código en HPE Operations Orchestration en las ediciones Community y Enterprise anteriores a v10.70. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Operations Orchestration. Authentication is not required to exploit this vulnerability. ... • http://www.securityfocus.com/bid/95225 • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 2%CPEs: 10EXPL: 0CVE-2016-1997 – HP Security Bulletin HPSBGN03560 1
https://notcve.org/view.php?id=CVE-2016-1997
22 Mar 2016 — HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. HPE Operations Orchestration 10.x en versiones anteriores a 10.51 y Operations Orchestration content en versiones anteriores a 1.7.0 permiten a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Ap... • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05050545 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5451 – HP Security Bulletin HPSBGN03521 2
https://notcve.org/view.php?id=CVE-2015-5451
19 Nov 2015 — Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en HP Operations Orchestration Central 10.x en versiones anteriores a 10.22.001 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. A potential security vulnerability has been identified in HP Operations Orchestrati... • http://www.securitytracker.com/id/1034177 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2108 – HP Security Bulletin HPSBMU03291 1
https://notcve.org/view.php?id=CVE-2015-2108
25 Mar 2015 — Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Powershell Operations en HP Operations Orchestration 9.x y 10.x permite a usuarios remotos autenticados obtener información sensible a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Orchestration running Powershell operations that could... • http://www.securityfocus.com/bid/73320 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2109 – HP Security Bulletin HPSBMU03292 1
https://notcve.org/view.php?id=CVE-2015-2109
25 Mar 2015 — Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors. Vulnerabilidad no especificada en HP Operations Orchestration 10.x permite a atacantes remotos evadir la autenticación, y obtener información sensible o modificar datos, a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Orchestration that could result in authentication b... • http://www.securityfocus.com/bid/73323 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2013-6191 – HP Security Bulletin HPSBGN02951
https://notcve.org/view.php?id=CVE-2013-6191
15 Dec 2013 — Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Operations Orchestration anterior a la versión 9 permite a atacantes remotos inyectar script web o HTML arbitrario a través de vectores no especificados. Potential security vulnerabilities have been identified with HP Operations Orchestration. The vulnerabilities could be exploited to allow cross-site scripting (X... • https://packetstorm.news/files/id/124542 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2013-6192 – HP Security Bulletin HPSBGN02951
https://notcve.org/view.php?id=CVE-2013-6192
15 Dec 2013 — Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en HP Operations Orchestration anterior a la versión 9 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. Potential security vulnerabilities have been identified with HP Operations Orchestration. The vulnerabilities could be exploited ... • https://packetstorm.news/files/id/124542 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 34%CPEs: 1EXPL: 0CVE-2012-3258
https://notcve.org/view.php?id=CVE-2012-3258
19 Sep 2012 — Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Orchestration v9.0 antes de 9.03, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://www.securityfocus.com/bid/55594 •