System Management Homepage
by HPE
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1995 | Cri | 0.65 | 9.8 | 0.10 | Mar 18, 2016 | HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
| CVE-2016-1993 | Hig | 0.53 | 8.1 | 0.02 | Mar 18, 2016 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | ||
| CVE-2016-1996 | Hig | 0.50 | 7.7 | 0.01 | Mar 18, 2016 | HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | ||
| CVE-2017-12545 | Hig | 0.49 | 7.5 | 0.07 | Feb 15, 2018 | A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2016-4396 | Hig | 0.49 | 7.5 | 0.04 | Oct 28, 2016 | HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. | ||
| CVE-2016-4395 | Hig | 0.49 | 7.5 | 0.04 | Oct 28, 2016 | HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. | ||
| CVE-2016-2015 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2016 | HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. | ||
| CVE-2016-4394 | Med | 0.42 | 6.5 | 0.03 | Oct 28, 2016 | HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue. | ||
| CVE-2016-1994 | Med | 0.42 | 6.5 | 0.02 | Mar 18, 2016 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||
| CVE-2017-12553 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12552 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12551 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12550 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12549 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12548 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12547 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12546 | Med | 0.36 | 5.6 | 0.00 | Feb 15, 2018 | A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2017-12544 | Med | 0.35 | 5.4 | 0.05 | Feb 15, 2018 | A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | ||
| CVE-2016-4393 | Med | 0.35 | 5.4 | 0.01 | Oct 28, 2016 | HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue. |
- risk 0.65cvss 9.8epss 0.10
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
- risk 0.53cvss 8.1epss 0.02
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
- risk 0.50cvss 7.7epss 0.01
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
- risk 0.49cvss 7.5epss 0.07
A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.49cvss 7.5epss 0.04
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
- risk 0.49cvss 7.5epss 0.04
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
- risk 0.46cvss 7.1epss 0.00
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
- risk 0.42cvss 6.5epss 0.03
HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.
- risk 0.42cvss 6.5epss 0.02
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
- risk 0.36cvss 5.6epss 0.00
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.36cvss 5.6epss 0.00
A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.35cvss 5.4epss 0.05
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
- risk 0.35cvss 5.4epss 0.01
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.