Vulnerabilities > HP > Network Automation > 10.20

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-6493 SQL Injection vulnerability in HP products
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50.
network
low complexity
hp CWE-89
8.8
8.8
2018-05-22 CVE-2018-6492 Cross-site Scripting vulnerability in HP products
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50.
network
low complexity
hp CWE-79
6.1
6.1
2018-02-15 CVE-2016-8511 Deserialization of Untrusted Data vulnerability in HP Network Automation
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
network
low complexity
hp CWE-502
critical
 9.8
9.8