Hp Data Protector vulnerabilities
10 known vulnerabilities affecting hp/data_protector.
Total CVEs
10
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2016-2004P1CRITICALCVSS 9.8PoC≥ 7.0, < 7.03_108≥ 8.0, < 8.15+1 more2016-04-21
CVE-2016-2004 [CRITICAL] CVE-2016-2004: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to e
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
nvd
CVE-2016-2007P2CRITICALCVSS 9.8≥ 7.0, < 7.03_108≥ 8.0, < 8.15+1 more2016-04-21
CVE-2016-2007 [CRITICAL] CVE-2016-2007: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
nvd
CVE-2016-2005P2CRITICALCVSS 9.8≥ 7.0, < 7.03_108≥ 8.0, < 8.15+1 more2016-04-21
CVE-2016-2005 [CRITICAL] CVE-2016-2005: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
nvd
CVE-2016-2006P2CRITICALCVSS 9.8≥ 7.0, < 7.03_108≥ 8.0, < 8.15+1 more2016-04-21
CVE-2016-2006 [CRITICAL] CVE-2016-2006: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
nvd
CVE-2017-5807P2CRITICALCVSS 9.8fixed in 8.17v9.092018-02-15
CVE-2017-5807 [CRITICAL] CWE-119 CVE-2017-5807: A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
nvd
CVE-2016-2008P2CRITICALCVSS 9.8≥ 7.0, < 7.03_108≥ 8.0, < 8.15+1 more2016-04-21
CVE-2016-2008 [CRITICAL] CVE-2016-2008: HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-5160P3MEDIUMCVSS 6.4v6.10v6.112014-08-01
CVE-2014-5160 [MEDIUM] CWE-22 CVE-2014-5160: Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Prote
Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
nvd
CVE-2017-5808P3HIGHCVSS 7.5fixed in 8.17v9.092018-02-15
CVE-2017-5808 [HIGH] CWE-20 CVE-2017-5808: A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
nvd
CVE-2011-2399P3HIGHCVSS 7.8≤ 6.11v6.102011-08-01
CVE-2011-2399 [HIGH] CVE-2011-2399: Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier
Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors.
nvd
CVE-2017-5809P4MEDIUMCVSS 5.5fixed in 8.17v9.092018-02-15
CVE-2017-5809 [MEDIUM] CWE-275 CVE-2017-5809: A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
nvd