Hp Operations Orchestration vulnerabilities
11 known vulnerabilities affecting hp/operations_orchestration.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH2MEDIUM4LOW1
Vulnerabilities
Page 1 of 1
CVE-2016-8519P2CRITICALCVSS 9.8fixed in 10.702018-02-15
CVE-2016-8519 [CRITICAL] CWE-502 CVE-2016-8519: A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterpri
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
nvd
CVE-2016-1997P2CRITICALCVSS 9.8v10.0v10.01+7 more2016-03-22
CVE-2016-1997 [CRITICAL] CWE-20 CVE-2016-1997: HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 all
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
nvd
CVE-2017-8994P2CRITICALCVSS 9.8≤ 10.702017-10-10
CVE-2017-8994 [CRITICAL] CWE-20 CVE-2017-8994: A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
nvd
CVE-2012-3258P3CRITICALCVSS 10.0v9.02012-09-19
CVE-2012-3258 [CRITICAL] CVE-2012-3258: Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
nvd
CVE-2015-2109P3HIGHCVSS 7.5v10.02015-03-31
CVE-2015-2109 [HIGH] CVE-2015-2109: Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass auth
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
nvd
CVE-2018-6490P4HIGHCVSS 7.5v10.02018-03-02
CVE-2018-6490 [HIGH] CWE-20 CVE-2018-6490: Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
nvd
CVE-2015-5451P4MEDIUMCVSS 6.8≤ 10.22.02015-11-23
CVE-2015-5451 [MEDIUM] CWE-352 CVE-2015-5451: Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 1
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
nvd
CVE-2013-6192P4MEDIUMCVSS 6.8≤ 7.5v7.1+1 more2013-12-17
CVE-2013-6192 [MEDIUM] CWE-352 CVE-2013-6192: Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remot
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
nvd
CVE-2013-6191P4MEDIUMCVSS 4.3≤ 7.5v7.1+1 more2013-12-17
CVE-2013-6191 [MEDIUM] CWE-79 CVE-2013-6191: Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attac
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2010-3985P4MEDIUMCVSS 4.3≤ 7.5v7.1+1 more2010-10-26
CVE-2010-3985 [MEDIUM] CWE-79 CVE-2010-3985: Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Ex
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2015-2108P4LOWCVSS 3.5v9.0v10.02015-03-31
CVE-2015-2108 [LOW] CWE-200 CVE-2015-2108: Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allow
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
nvd