Latest Vulnerabilities Affecting HP products

Date	CVE	Title	CVSS
2019-08-09	CVE-2019-5398	Cross-Site Scripting (XSS) vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	Low
2019-08-09	CVE-2019-5403	Cross-Site Scripting (XSS) vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	Low
2019-08-09	CVE-2019-5405	Improper Authorization vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	Medium
2019-08-09	CVE-2019-5408	Permissions, Privileges, and Access Control vulnerability in HP XP7 Replication Manager and XP7 Tiered Storage Manager	Medium
2019-08-09	CVE-2019-5404	Injection vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	High
2019-08-09	CVE-2019-5402	Improper Authorization vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	High
2019-08-09	CVE-2019-5406	Session Fixation vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	High
2019-08-09	CVE-2019-5407	Information Leak / Disclosure vulnerability in HP 3Par Storeserv Management Console /3.3.1/3.5	Medium
2019-08-09	CVE-2019-5397	Security Features vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	High
2019-08-09	CVE-2019-5399	Improper Authorization vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	High
2019-08-09	CVE-2019-5400	Session Fixation vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	Medium
2019-08-09	CVE-2019-5396	Authentication Issues vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	High
2019-08-09	CVE-2019-5395	Unrestricted Upload of File with Dangerous Type vulnerability in HP 3Par Service Processor and 3Par Service Processor Firmware	Medium
2019-08-01	CVE-2019-5401	Cross-Site Scripting (XSS) vulnerability in HP Hp2910Al 48G Firmware w.15.14.00.16	Low
2019-07-25	CVE-2019-3486	Cross-Site Scripting (XSS) vulnerability in HP Arcsight Management Center 2.9.1	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.