Skip to main content

Insight Diagnostics

3 CVEs product

Monthly

CVE-2013-3575 MEDIUM POC THREAT This Month

hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 25.0%.

PHP Information Disclosure HP Insight Diagnostics
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
25.0%
CVE-2013-3574 HIGH POC THREAT Act Now

Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%.

PHP Path Traversal HP Insight Diagnostics
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
23.0%
CVE-2013-3573 CRITICAL Act Now

HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection HP Insight Diagnostics
NVD
CVSS 2.0
10.0
EPSS
1.1%
EPSS 25% CVSS 5.0
MEDIUM POC THREAT This Month

hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 25.0%.

PHP Information Disclosure HP +1
NVD Exploit-DB
EPSS 23% CVSS 7.8
HIGH POC THREAT Act Now

Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%.

PHP Path Traversal HP +1
NVD Exploit-DB
EPSS 1% CVSS 10.0
CRITICAL Act Now

HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection HP Insight Diagnostics
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy