Vulnerabilities > HP > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-08-06 CVE-2018-7071 Information Exposure vulnerability in HP Network Function Virtualization Director 4.2.1
HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3.
network
low complexity
hp CWE-200
4.3
2018-08-06 CVE-2018-7070 Information Exposure vulnerability in HP Centralview Fraud Risk Management
HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1.
network
low complexity
hp CWE-200
5.3
2018-08-06 CVE-2018-7068 HTTP Request Smuggling vulnerability in HP Centralview Fraud Risk Management
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1.
network
low complexity
hp CWE-444
6.1
2018-08-06 CVE-2017-9002 Cross-site Scripting vulnerability in HP Aruba Clearpass Policy Manager
All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities.
network
low complexity
hp CWE-79
6.1
2018-08-06 CVE-2017-8991 Cross-site Scripting vulnerability in HP Centralview Fraud Risk Management
HPE has identified a cross site scripting (XSS) vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1.
network
low complexity
hp CWE-79
5.4
2018-08-06 CVE-2016-8527 Cross-site Scripting vulnerability in HP Airwave
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS).
network
low complexity
hp CWE-79
6.1
2018-08-06 CVE-2016-4406 Cross-site Scripting vulnerability in HP products
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.
network
low complexity
hp CWE-79
6.1
2018-08-06 CVE-2016-4400 Cross-site Scripting vulnerability in HP Network Node Manager I 10.00/10.01/10.10
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10.
network
low complexity
hp CWE-79
5.4
2018-08-06 CVE-2016-4399 Cross-site Scripting vulnerability in HP Network Node Manager I 10.00/10.01/10.10
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10.
network
low complexity
hp CWE-79
5.4
2018-08-06 CVE-2016-4392 Cross-site Scripting vulnerability in HP Business Service Management
A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1.
network
low complexity
hp CWE-79
5.4