Skip to main content

Service Virtualization

2 CVEs product

Monthly

CVE-2018-6499 CRITICAL Act Now

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Data Center Automation Hybrid Cloud Management Network Operations Management +5
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2013-6221 CRITICAL POC THREAT Emergency

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 84.1%.

Path Traversal HP RCE Service Virtualization
NVD Exploit-DB GitHub
CVSS 2.0
10.0
EPSS
84.1%
Threat
6.0
EPSS 2% CVSS 9.8
CRITICAL Act Now

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Data Center Automation +7
NVD
EPSS 84% 6.0 CVSS 10.0
CRITICAL POC THREAT Emergency

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 84.1%.

Path Traversal HP RCE +1
NVD Exploit-DB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy