Skip to main content

Network Automation

9 CVEs product

Monthly

CVE-2021-38123 MEDIUM This Month

Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Network Automation
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-3493 HIGH This Week

A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Network Automation Network Operations Management
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-6493 HIGH This Week

SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi HP Network Operations Management Ultimate Network Automation
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2018-6492 MEDIUM This Month

Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP XSS Network Operations Management Ultimate Network Automation
NVD
CVSS 3.0
6.1
EPSS
1.6%
CVE-2016-4386 HIGH This Week

HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Network Automation
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-4385 HIGH This Week

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization HP Java Apache Network Automation
NVD
CVSS 3.0
7.3
EPSS
3.7%
CVE-2016-1989 CRITICAL PATCH Act Now

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5%.

RCE Network Automation
NVD
CVSS 3.0
9.8
EPSS
13.5%
CVE-2016-1988 CRITICAL PATCH Act Now

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5%.

RCE Network Automation
NVD
CVSS 3.0
9.8
EPSS
13.5%
CVE-2014-2646 HIGH This Week

Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Privilege Escalation Network Automation
NVD
CVSS 2.0
7.2
EPSS
0.1%
EPSS 1% CVSS 6.1
MEDIUM This Month

Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Network Automation
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Network Automation Network Operations Management
NVD
EPSS 2% CVSS 8.8
HIGH This Week

SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi HP Network Operations Management Ultimate +1
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP XSS Network Operations Management Ultimate +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Network Automation
NVD
EPSS 4% CVSS 7.3
HIGH This Week

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization HP Java +2
NVD
EPSS 14% CVSS 9.8
CRITICAL PATCH Act Now

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5%.

RCE Network Automation
NVD
EPSS 14% CVSS 9.8
CRITICAL PATCH Act Now

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5%.

RCE Network Automation
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

HP Privilege Escalation Network Automation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy