Vulnerabilities > HP > Network Automation > 9.22
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2017-5814 | SQL Injection vulnerability in HP Network Automation A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | 9.8 |
| 2018-02-15 | CVE-2017-5813 | Unspecified vulnerability in HP Network Automation A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | 6.3 |
| 2018-02-15 | CVE-2017-5812 | SQL Injection vulnerability in HP Network Automation A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | 7.5 |
| 2018-02-15 | CVE-2017-5811 | Information Exposure vulnerability in HP Network Automation A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | 7.5 |
| 2018-02-15 | CVE-2017-5810 | SQL Injection vulnerability in HP Network Automation A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | 9.8 |
| 2018-02-15 | CVE-2016-8511 | Deserialization of Untrusted Data vulnerability in HP Network Automation A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found. | 9.8 |
| 2016-09-29 | CVE-2016-4385 | Deserialization of Untrusted Data vulnerability in HP Network Automation The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries. | 7.3 |
| 2016-03-15 | CVE-2016-1989 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | 9.8 |
| 2016-03-15 | CVE-2016-1988 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | 9.8 |