CVE-2016-4367
https://notcve.org/view.php?id=CVE-2016-4367
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors. El componente Universal Discovery en HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20 y 10.21 permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www.securitytracker.com/id/1036050 https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-4368
https://notcve.org/view.php?id=CVE-2016-4368
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. HPE Universal CMDB 10.0 hasta la versión 10.21, Universal CMDB Configuration Manager 10.0 hasta la versión 10.21 y Universal Discovery 10.0 hasta la versión 10.21 permiten a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). • https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164408 • CWE-20: Improper Input Validation •
CVE-2016-2001
https://notcve.org/view.php?id=CVE-2016-2001
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors. HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11 y 10.20 permite a atacantes remotos obtener información sensible o llevar a cabo ataques de redireccionamiento de URL a través de vectores no especificados. • http://www.securitytracker.com/id/1035505 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073504 •