Storage Data Protector
by Microfocus
CVEs (61)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1733 | 0.01 | — | 0.14 | May 7, 2011 | Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message. | |||
| CVE-2011-1731 | 0.01 | — | 0.15 | May 7, 2011 | Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message. | |||
| CVE-2011-1730 | 0.01 | — | 0.14 | May 7, 2011 | Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message. | |||
| CVE-2011-1729 | 0.01 | — | 0.14 | May 7, 2011 | Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. | |||
| CVE-2011-1728 | 0.01 | — | 0.14 | May 7, 2011 | Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message. | |||
| CVE-2011-0921 | 0.01 | — | 0.11 | Feb 9, 2011 | crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the… | |||
| CVE-2011-0273 | 0.01 | — | 0.13 | Jan 25, 2011 | Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types. | |||
| CVE-2007-2281 | 0.01 | — | 0.09 | Dec 18, 2009 | Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the… | |||
| CVE-2006-4201 | 0.01 | — | 0.10 | Aug 17, 2006 | Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector 5.1 and 5.5 before 20060810 allows remote attackers to execute arbitrary code on an agent via unspecified vectors related to authentication and input validation. | |||
| CVE-2021-22517 | 0.00 | — | 0.01 | Aug 5, 2021 | A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and… | |||
| CVE-2019-3476 | 0.00 | — | 0.03 | Mar 25, 2019 | Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | |||
| CVE-2015-2116 | 0.00 | — | 0.05 | Apr 27, 2015 | Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors. | |||
| CVE-2012-5220 | 0.00 | — | 0.01 | Apr 26, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors. | |||
| CVE-2011-2399 | 0.00 | — | 0.05 | Aug 1, 2011 | Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2011-1515 | 0.00 | — | 0.04 | Jul 1, 2011 | The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters. | |||
| CVE-2011-1514 | 0.00 | — | 0.04 | Jul 1, 2011 | The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters. | |||
| CVE-2011-0924 | 0.00 | — | 0.05 | Feb 9, 2011 | The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh. | |||
| CVE-2011-0275 | 0.00 | — | 0.04 | Jan 28, 2011 | Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2009-4183 | 0.00 | — | 0.01 | Jan 28, 2010 | Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors. | |||
| CVE-2007-0866 | 0.00 | — | 0.00 | Feb 9, 2007 | Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors. |
- CVE-2011-1733May 7, 2011risk 0.01cvss —epss 0.14
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.
- CVE-2011-1731May 7, 2011risk 0.01cvss —epss 0.15
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.
- CVE-2011-1730May 7, 2011risk 0.01cvss —epss 0.14
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.
- CVE-2011-1729May 7, 2011risk 0.01cvss —epss 0.14
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.
- CVE-2011-1728May 7, 2011risk 0.01cvss —epss 0.14
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.
- CVE-2011-0921Feb 9, 2011risk 0.01cvss —epss 0.11
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the…
- CVE-2011-0273Jan 25, 2011risk 0.01cvss —epss 0.13
Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.
- CVE-2007-2281Dec 18, 2009risk 0.01cvss —epss 0.09
Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the…
- CVE-2006-4201Aug 17, 2006risk 0.01cvss —epss 0.10
Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector 5.1 and 5.5 before 20060810 allows remote attackers to execute arbitrary code on an agent via unspecified vectors related to authentication and input validation.
- CVE-2021-22517Aug 5, 2021risk 0.00cvss —epss 0.01
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and…
- CVE-2019-3476Mar 25, 2019risk 0.00cvss —epss 0.03
Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution.
- CVE-2015-2116Apr 27, 2015risk 0.00cvss —epss 0.05
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors.
- CVE-2012-5220Apr 26, 2013risk 0.00cvss —epss 0.01
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors.
- CVE-2011-2399Aug 1, 2011risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2011-1515Jul 1, 2011risk 0.00cvss —epss 0.04
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters.
- CVE-2011-1514Jul 1, 2011risk 0.00cvss —epss 0.04
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters.
- CVE-2011-0924Feb 9, 2011risk 0.00cvss —epss 0.05
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.
- CVE-2011-0275Jan 28, 2011risk 0.00cvss —epss 0.04
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2009-4183Jan 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors.
- CVE-2007-0866Feb 9, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.
Page 3 of 4