Risk | High |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2017-5810 CVE-2017-5812 CVE-2017-5811 CVE-2017-5814 CVE-2017-5813 |
CWE-ID | CWE-89 CWE-200 CWE-20 CWE-592 CWE-284 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | HP Network Automation Client/Desktop applications / Software for system administration |
Vendor | Hewlett Packard Enterprise Development LP |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU6505
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5810
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary SQL commands in the web application database.
The weakness exists due to insufficient sanitization of user-supplied input processed by the affected application. A remote unauthenticated attacker can send a specially crafted request that contains crafted parameter values and execute arbitrary SQL commands.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable website.
Update to version 10.00.022, 10.11.03 or 10.21.01.
Vulnerable software versions
HP Network Automation: 9.1 - 10.20
CPE2.3
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6509
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5812
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information.
The weakness exists due to improper processing of malicious requests. A remote attacker can send a specially crafted request and access arbitrary files to conduct further attacks.
Successful exploitation of the vulnerability results in information disclosure.
Update to version 10.00.022, 10.11.03 or 10.21.01.
Vulnerable software versions
HP Network Automation: 9.1 - 10.20
CPE2.3
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6508
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5811
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.
The weakness exists due to improper input validation. A remote attacker can create a specially crafted website, trick the victim into visiting it and execute arbitrary code with the privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution.
Update to version 10.00.022, 10.11.03 or 10.21.01.
Vulnerable software versions
HP Network Automation: 9.1 - 10.20
CPE2.3
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6507
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5814
CWE-ID:
CWE-592 - Authentication Bypass Issues
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to bypass security restrictions on the target system.
The weakness exists due to an unspecified condition that exists within the affected software. A remote attacker can bypass authentication and gain elevated privileges on the targeted system to conduct further attacks.
Successful exploitation of the vulnerability may result in privilege escalation on the application.
Update to version 10.00.022, 10.11.03 or 10.21.01.
Vulnerable software versions
HP Network Automation: 9.1 - 10.20
CPE2.3
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU6506
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-5813
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the targeted system.
The weakness exists due to an unspecified condition that exists within the affected software. A remote attacker can bypass certain restrictions, view sensitive information or conduct further attacks.
Successful exploitation of the vulnerability results in unauthorized access to the vulnerable system.
Update to version 10.00.022, 10.11.03 or 10.21.01.
Vulnerable software versions
HP Network Automation: 9.1 - 10.20
CPE2.3
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.