Hp San Iq vulnerabilities
9 known vulnerabilities affecting hp/san_iq.
Total CVEs
9
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2012-4361P2HIGHCVSS 7.7PoC≤ 9.0v8.0+2 more2012-08-20
CVE-2012-4361 [HIGH] CWE-78 CVE-2012-4361: lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authen
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.
nvd
CVE-2012-3282P2CRITICALCVSS 10.0PoC≤ 9.5v8.0+3 more2013-02-06
CVE-2012-3282 [CRITICAL] CVE-2012-3282: Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468.
nvd
CVE-2012-2986P3HIGHCVSS 7.7PoCv9.52012-08-20
CVE-2012-2986 [HIGH] CWE-78 CVE-2012-2986: lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated
lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361.
nvd
CVE-2011-4157P3CRITICALCVSS 10.0≤ 9.0v8.0+2 more2011-11-16
CVE-2011-4157 [CRITICAL] CWE-119 CVE-2011-4157: Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtua
Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.
nvd
CVE-2012-3283P3CRITICALCVSS 10.0≤ 9.5v8.0+3 more2013-02-06
CVE-2012-3283 [CRITICAL] CVE-2012-3283: Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511.
nvd
CVE-2012-3284P3CRITICALCVSS 10.0≤ 9.5v8.0+3 more2013-02-06
CVE-2012-3284 [CRITICAL] CVE-2012-3284: Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.
nvd
CVE-2012-3285P3CRITICALCVSS 10.0≤ 9.5v8.0+3 more2013-02-06
CVE-2012-3285 [CRITICAL] CVE-2012-3285: Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.
nvd
CVE-2013-2352P3CRITICALCVSS 9.4≤ 10.5v8.0+5 more2013-07-10
CVE-2013-2352 [CRITICAL] CWE-255 CVE-2013-2352: LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mech
LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password.
nvd
CVE-2012-4362P4MEDIUMCVSS 4.0PoCv9.52012-08-20
CVE-2012-4362 [MEDIUM] CWE-255 CVE-2012-4362: hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
nvd