VYPR

Storage Data Protector

by Microfocus

CVEs (61)

  • CVE-2016-2004CriApr 21, 2016
    risk 0.74cvss 9.8epss 0.94

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.

  • CVE-2016-2008CriApr 21, 2016
    risk 0.65cvss 9.8epss 0.10

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2016-2007CriApr 21, 2016
    risk 0.65cvss 9.8epss 0.20

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.

  • CVE-2016-2006CriApr 21, 2016
    risk 0.65cvss 9.8epss 0.20

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.

  • CVE-2016-2005CriApr 21, 2016
    risk 0.65cvss 9.8epss 0.20

    HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.

  • CVE-2014-2623Jul 18, 2014
    risk 0.10cvss epss 0.89

    Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2013-2333Jun 6, 2013
    risk 0.10cvss epss 0.90

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680.

  • CVE-2011-1865Jul 1, 2011
    risk 0.10cvss epss 0.89

    Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.

  • CVE-2011-0923Feb 9, 2011
    risk 0.09cvss epss 0.81

    The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."

  • CVE-2013-6194Jan 4, 2014
    risk 0.08cvss epss 0.66

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.

  • CVE-2013-2347Jan 4, 2014
    risk 0.08cvss epss 0.66

    The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.

  • CVE-2011-0922Feb 9, 2011
    risk 0.08cvss epss 0.64

    The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.

  • CVE-2007-2280Dec 18, 2009
    risk 0.08cvss epss 0.60

    Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments,…

  • CVE-2011-0514Jan 20, 2011
    risk 0.07cvss epss 0.49

    The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.

  • CVE-2019-11660Sep 13, 2019
    risk 0.06cvss epss 0.08

    Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.

  • CVE-2013-2335Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.

  • CVE-2013-2332Jun 6, 2013
    risk 0.05cvss epss 0.62

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.

  • CVE-2013-2331Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652.

  • CVE-2013-2330Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.

  • CVE-2013-2329Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637.

Page 1 of 4