Vulnerabilities > HP > SAN IQ > 9.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-07-10 | CVE-2013-2352 | Credentials Management vulnerability in HP San/Iq LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password. | 9.4 |
| 2013-02-06 | CVE-2012-3285 | Unspecified vulnerability in HP Lefthand P4000 Virtual SAN Appliance and San/Iq Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513. | 10.0 |
| 2013-02-06 | CVE-2012-3284 | Unspecified vulnerability in HP Lefthand P4000 Virtual SAN Appliance and San/Iq Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512. | 10.0 |
| 2013-02-06 | CVE-2012-3283 | Unspecified vulnerability in HP Lefthand P4000 Virtual SAN Appliance and San/Iq Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511. | 10.0 |
| 2013-02-06 | CVE-2012-3282 | Unspecified vulnerability in HP Lefthand P4000 Virtual SAN Appliance and San/Iq Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468. | 10.0 |
| 2012-08-20 | CVE-2012-4362 | Credentials Management vulnerability in HP San/Iq 9.5 hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838. | 4.0 |
| 2012-08-20 | CVE-2012-2986 | OS Command Injection vulnerability in HP San/Iq 9.5 lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. | 7.7 |