Vulnerabilities > HP > Universal Cmbd Foundation > 10.0

DATE CVE VULNERABILITY TITLE RISK
2016-06-08 CVE-2016-4368 Improper Input Validation vulnerability in HP products
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
network
low complexity
hp CWE-20
7.5
7.5
2016-06-08 CVE-2016-4367 Information Exposure vulnerability in HP Universal Cmbd Foundation
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
hp CWE-200
5.0
5.0
2016-04-12 CVE-2016-2001 Information Disclosure vulnerability in HP UCMDB
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.
network
hp
5.8
5.8