Universal CMDB

CVEs (9)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-4368	Microfocus Universal Discovery	Cri	0.64	9.8	0.01	Jun 8, 2016	HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)…
CVE-2016-4367	Microfocus Universal CMDB	Hig	0.49	7.5	0.02	Jun 8, 2016	The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-7883	Microfocus Universal CMDB		0.08	—	0.58	Feb 15, 2015	HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
CVE-2014-2617	Microfocus Universal CMDB		0.03	—	0.41	Jul 7, 2014	Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
CVE-2014-2616	Microfocus Universal CMDB		0.01	—	0.08	Jul 7, 2014	Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.
CVE-2014-2615	Microfocus Universal CMDB		0.01	—	0.08	Jul 7, 2014	Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.
CVE-2018-6495	Microfocus Ucmdb Browser		0.00	—	0.00	May 23, 2018	Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be…
CVE-2018-6491	Microfocus Universal CMDB		0.00	—	0.00	Apr 23, 2018	Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege.
CVE-2018-6488	Microfocus Universal CMDB		0.00	—	0.01	Feb 22, 2018	Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution.

CVE-2016-4368CriJun 8, 2016
Microfocus
Universal Discovery
risk 0.64cvss 9.8epss 0.01
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)…
CVE-2016-4367HigJun 8, 2016
Microfocus
Universal CMDB
risk 0.49cvss 7.5epss 0.02
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2014-7883Feb 15, 2015
Microfocus
Universal CMDB
risk 0.08cvss —epss 0.58
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
CVE-2014-2617Jul 7, 2014
Microfocus
Universal CMDB
risk 0.03cvss —epss 0.41
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
CVE-2014-2616Jul 7, 2014
Microfocus
Universal CMDB
risk 0.01cvss —epss 0.08
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.
CVE-2014-2615Jul 7, 2014
Microfocus
Universal CMDB
risk 0.01cvss —epss 0.08
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.
CVE-2018-6495May 23, 2018
Microfocus
Ucmdb Browser
risk 0.00cvss —epss 0.00
Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be…
CVE-2018-6491Apr 23, 2018
Microfocus
Universal CMDB
risk 0.00cvss —epss 0.00
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege.
CVE-2018-6488Feb 22, 2018
Microfocus
Universal CMDB
risk 0.00cvss —epss 0.01
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution.