Hp Sitescope vulnerabilities

23 known vulnerabilities affecting hp/sitescope.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH8MEDIUM7

Vulnerabilities

Page 1 of 2

CVE-2015-2802HIGHCVSS 7.5≥ 11.20, ≤ 11.24v11.302020-02-04

CVE-2015-2802 [HIGH] CWE-200 CVE-2015-2802: An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and S An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vul

nvd

CVE-2017-8952HIGHCVSS 7.5v11.20v11.21+9 more2018-02-15

CVE-2017-8952 [HIGH] CWE-200 CVE-2017-8952: A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was foun A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

nvd

CVE-2017-8951HIGHCVSS 7.8v11.20v11.21+9 more2018-02-15

CVE-2017-8951 [HIGH] CWE-200 CVE-2017-8951: A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was foun A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

nvd

CVE-2017-8949MEDIUMCVSS 5.5v11.20v11.21+9 more2018-02-15

CVE-2017-8949 [MEDIUM] CVE-2017-8949: A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was foun A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

nvd

CVE-2017-8950MEDIUMCVSS 5.5v11.20v11.21+9 more2018-02-15

CVE-2017-8950 [MEDIUM] CWE-200 CVE-2017-8950: A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was foun A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

nvd

CVE-2017-14349CRITICALCVSS 9.8v11.20v11.21+9 more2017-09-30

CVE-2017-14349 [CRITICAL] CWE-269 CVE-2017-14349: An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.

nvd

CVE-2015-2120HIGHCVSS 8.7v11.13v11.24.391+1 more2015-05-25

CVE-2015-2120 [HIGH] CVE-2015-2120: Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x befo Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.

nvd

CVE-2014-7882MEDIUMCVSS 5.5v11.10v11.11+7 more2015-02-02

CVE-2014-7882 [MEDIUM] CWE-264 CVE-2014-7882: Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors.

nvd

CVE-2014-2614HIGHCVSS 7.5v11.10v11.11+7 more2014-07-07

CVE-2014-2614 [HIGH] CWE-287 CVE-2014-2614: Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.

nvd

CVE-2013-6207CRITICALCVSS 9.4v10.10v10.11+6 more2014-03-11

CVE-2013-6207 [CRITICAL] CVE-2013-6207: Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScop Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.

nvd

CVE-2013-4835HIGHCVSS 7.5PoCv10.11v10.13+7 more2013-11-04

CVE-2013-4835 [HIGH] CVE-2013-4835: The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attacker The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.

nvd

CVE-2013-2367CRITICALCVSS 10.0PoCv11.20v11.212013-07-31

CVE-2013-2367 [CRITICAL] CVE-2013-2367: Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remot Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.

nvd

CVE-2012-3261CRITICALCVSS 10.0v11.10v11.11+1 more2012-09-25

CVE-2012-3261 [CRITICAL] CVE-2012-3261: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

nvd

CVE-2012-3263CRITICALCVSS 10.0v11.10v11.11+1 more2012-09-25

CVE-2012-3263 [CRITICAL] CVE-2012-3263: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.

nvd

CVE-2012-3262CRITICALCVSS 10.0v11.10v11.11+1 more2012-09-25

CVE-2012-3262 [CRITICAL] CVE-2012-3262: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

nvd

CVE-2012-3259CRITICALCVSS 10.0v11.10v11.11+1 more2012-09-25

CVE-2012-3259 [CRITICAL] CVE-2012-3259: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.

nvd

CVE-2012-3260CRITICALCVSS 10.0v11.10v11.11+1 more2012-09-25

CVE-2012-3260 [CRITICAL] CVE-2012-3260: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

nvd

CVE-2012-3264HIGHCVSS 7.5v11.10v11.11+1 more2012-09-25

CVE-2012-3264 [HIGH] CVE-2012-3264: Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472.

nvd

CVE-2011-2401HIGHCVSS 8.3v9.0v9.54+4 more2011-07-29

CVE-2011-2401 [HIGH] CVE-2011-2401: Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors.

nvd

CVE-2011-2400MEDIUMCVSS 4.3v9.0v9.54+4 more2011-07-29

CVE-2011-2400 [MEDIUM] CWE-79 CVE-2011-2400: Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

nvd

1 / 2Next →