Skip to main content

Universal Configuration Management Database

7 CVEs product

Monthly

CVE-2015-5440 MEDIUM This Month

HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Universal Configuration Management Database
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-7883 MEDIUM POC THREAT This Month

HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 57.7%.

HP Information Disclosure Universal Configuration Management Database
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
57.7%
Threat
4.2
CVE-2014-2617 CRITICAL Emergency

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 41.2% and no vendor patch available.

HP RCE Universal Configuration Management Database
NVD
CVSS 2.0
10.0
EPSS
41.2%
CVE-2014-2616 HIGH This Week

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD
CVSS 2.0
7.5
EPSS
7.6%
CVE-2014-2615 HIGH This Week

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD
CVSS 2.0
7.5
EPSS
7.6%
CVE-2013-6215 HIGH This Week

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors,. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD VulDB
CVSS 2.0
8.5
EPSS
0.5%
CVE-2013-6214 MEDIUM This Month

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Universal Configuration Management Database
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%
EPSS 0% CVSS 4.9
MEDIUM This Month

HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

HP Information Disclosure Universal Configuration Management Database
NVD
EPSS 58% 4.2 CVSS 5.0
MEDIUM POC THREAT This Month

HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 57.7%.

HP Information Disclosure Universal Configuration Management Database
NVD Exploit-DB
EPSS 41% CVSS 10.0
CRITICAL Emergency

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 41.2% and no vendor patch available.

HP RCE Universal Configuration Management Database
NVD
EPSS 8% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD
EPSS 8% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD
EPSS 1% CVSS 8.5
HIGH This Week

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors,. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

HP RCE Universal Configuration Management Database
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM This Month

Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Universal Configuration Management Database
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy