CPE Details
HP Network Node Manager i (NNMi) 10.01
10.01
2016-05-09
12h15 +00:00
12h15 +00:00
2021-06-03
16h11 +00:00
16h11 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:hp:network_node_manager_i:10.01:*:*:*:*:*:*:*
Informations
Vendor
hpProduct
network_node_manager_iVersion
10.01Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found. | 9.8 |
Critical |
||
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | 8.8 |
High |
||
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011. | 5.4 |
Medium |
||
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010. | 5.4 |
Medium |
||
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors. | 6.5 |
Medium |
||
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 6.5 |
Medium |
||
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. | 8.1 |
High |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.