Hp Openview Performance Insight vulnerabilities
5 known vulnerabilities affecting hp/openview_performance_insight.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2011-0276P2CRITICALCVSS 10.0PoCv5.2v5.3+3 more2011-02-02
CVE-2011-0276 [CRITICAL] CVE-2011-0276: HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
nvd
CVE-2010-0447P3CRITICALCVSS 10.0≤ 5.42010-03-10
CVE-2010-0447 [CRITICAL] CWE-287 CVE-2010-0447: The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
nvd
CVE-2011-2407P4MEDIUMCVSS 6.4v5.3v5.4+4 more2011-08-11
CVE-2011-2407 [MEDIUM] CVE-2011-2407: Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.4
Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
nvd
CVE-2011-2410P4MEDIUMCVSS 4.3v5.3v5.4+4 more2011-08-19
CVE-2011-2410 [MEDIUM] CWE-79 CVE-2011-2410: Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2011-2406P4LOWCVSS 3.5v5.3v5.4+4 more2011-08-11
CVE-2011-2406 [LOW] CWE-79 CVE-2011-2406: Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd