Network Management Software 漏洞

时间轴

供应商

产品

HP OpenView Network Node Manager74
Cisco Prime Infrastructure58
ntp48
Zabbix47
HP System Management Homepage46

修正

Official Fix690
Temporary Fix0
Workaround11
Unavailable6
Not Defined332

易受攻击性

High63
Functional2
Proof-of-Concept147
Unproven82
Not Defined745

访问向量

Not Defined0
Physical7
Local74
Adjacent36
Network922

身份验证

Not Defined0
High22
Low311
None706

用户交互

Not Defined0
Required196
None843

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤457
≤5136
≤6236
≤7181
≤8206
≤9105
≤10117

CVSSv3 Temp

≤10
≤20
≤35
≤475
≤5176
≤6238
≤7212
≤8126
≤9105
≤10102

VulDB

≤10
≤21
≤311
≤467
≤5193
≤6204
≤7150
≤8238
≤953
≤10122

NVD

≤10
≤20
≤31
≤410
≤519
≤667
≤7120
≤8121
≤970
≤1089

CNA

≤10
≤20
≤30
≤45
≤53
≤64
≤76
≤82
≤90
≤101

供应商

≤10
≤21
≤31
≤41
≤50
≤64
≤70
≤85
≤92
≤102

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k108
<2k84
<5k179
<10k235
<25k315
<50k115
<100k3
≥100k0

本日攻击

<1k788
<2k65
<5k87
<10k48
<25k50
<50k1
<100k0
≥100k0

攻击市场容量

🔴 CTI 活动

Affected Products (165): Adventnet ManageEngine OpManager, Apache Hadoop, Aruba ArubaOS, Aruba SD-WAN Software and Gateways, Centreon Infrastructure Monitoring Software, Cisco Cisco Prime Infrastructure, Cisco Evolved Programmable Network, Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, Cisco Prime Data Center Network Manager, Cisco Prime Infrastructure, Cisco Programmable Network Manager, Cisco SD-WAN, Cisco SD-WAN Software, Cisco SD-WAN Solution, Cisco SD-WAN Solution vManage, Cisco SD-WAN vEdge, Cisco SD-WAN vEdge Router, Cisco SD-WAN vManage, Cisco SD-WAN vManage Software, Cisco Secure Access Control Server, Cisco Secure Access Control System, Citrix ADC, Citrix Application Delivery Controller, Citrix Gateway, Citrix NetScaler, Citrix Netscaler, Citrix Netscaler Access Gateway, Citrix NetScaler ADC, Citrix NetScaler Appliance, Citrix Netscaler Application Delivery Controller, Citrix NetScaler Gateway, Citrix Netscaler Gateway, Citrix Netscaler SD-WAN, Citrix NetScaler SDX, Citrix Netscaler VPX, Citrix SD-WAN, Citrix SD-WAN Center, Citrix SD-WAN Center Management Console, Citrix SD-WAN Orchestrator for On-Premises, Citrix SD-WAN Premium Edition Appliance, Citrix SD-WAN Standard Edition Appliance, Citrix SD-WAN WANOP, Citrix SD-WAN WANOP Edition, ConnectWise Automate, ConnectWise Control, ConnectWise Manage, ConnectWise ManagedITSync, DataDog API Client Java, Dave Mills ntpd, Eltex NTP-RG-1402G 1v10, HP Integrated Lights-Out, HP Integrated Lights-out, HP Integrated Lights-out 3, HP Integrated Lights-out Bmc, HP integrated Lights Out, HP OpenView, HP Openview, HP OpenView Application Manager, HP OpenView Client Configuration Manager, HP OpenView Configuration Management, HP OpenView Data Protector Application Recovery Manager, HP OpenView Event Correlation Services, HP OpenView Network Node Manage, HP OpenView Network Node Manager, HP Openview Network Node Manager, HP Openview Omniback, HP OpenView Operations, HP OpenView OS Manager, HP OpenView Performance Insight, HP OpenView Report, HP Openview Select Access, HP OpenView Storage Data Protector, HP OpenView Storage Data Protector Backup Agent, HP Proliant Integrated Lights Out, HP System Management Homepage, HPE iLO 4, HPE iLO 5, HPE iLO Amplifier Pack, HPE iLO Amplifier Pack Server, HPE Integrated Lights-Out, HPE Integrated Lights-Out 3, HPE Integrated Lights-Out 4, HPE Integrated Lights-Out 5, HPE integrated Lights Out, HPE integrated Lights Out 3, HPE Moonshot Chassis Manager, HPE Moonshot Component Pack, HPE Network Automation, HPE SimpliVity 325, HPE SimpliVity 380 Gen9, HPE SimpliVity 380 Gen10, HPE SimpliVity 380 Gen10 G, HPE SimpliVity 2600, HPE System Management Homepage, Idera Uptime Infrastructure Monitor, InfoVista PortalSE, InfoVista VistaPortal SE, Insteon Hub, Insteon Hub 2242-222, Insteon Hub 2245-222, Insteon Hub App, Ipswitch WhatsUp, Ipswitch Whatsup Gold, IPswitch WhatsUp Gold, Ipswitch WhatsUp Gold, Ipswitch WhatsUp Professional, IPswitch WhatsUp Professional, Ipswitch WhatsUp Small Business, ISC DHCP, ISC dhcp, ISC DHCPD, ISC DHCP Client, ManageEngine OpManager, Mesliat Zabbix Plugin, MiniSNMPD, net-snmp, Net-SNMP, net-snmp Net Snmp, ntp, NTP, ntpd, NTP Daemon, OpenNTPD, Oracle Integrated Lights Out Manager, Oracle Integrated Lights Out Manager (ILOM), Oracle SD-WAN Aware, Oracle SD-WAN Edge, Paessler PRTG, Paessler PRTG Network Monitor, Paessler Prtg Traffic Grapher6.0.5.416, Progress Whatsup Gold, Progress WhatsUp Gold, PRTG, PRTG Network Monitor, PRTG Network Monitor, Silver Peak EdgeConnect SD-WAN, SolarWinds Network Performance Monitor, SolarWinds Orion Virtual Infrastructure Monitor, SourceForge Net-SNMP, ucd-snmp, UTC Fire , UTC GPS-ZB, UTC Security GE-MC100-NTP, VMware NSX SD-WAN Edge, VMware SD-WAN, Vmware SD-WAN Orchestrator, Zabbix, zabbix-agent2, Zabbix Server, Zoho ManageEngine Desktop Central, Zoho ManageEngine EventLog Analyzer, Zoho ManageEngine FireWall, Zoho ManageEngine ManageEngine OpManager, Zoho ManageEngine Mobile Device Manager Plus, Zoho ManageEngine NetFlow Analyzer, Zoho ManageEngine Network Configuration Manager, Zoho ManageEngine O365 Manager Plus, Zoho ManageEngine OpManager, Zoho ManageEngine OpUtils, Zoho ManageEngine Patch Connect Plus, Zoho ManageEngine Patch Manager Plus, Zoho ManageEngine ServiceDesk Plus, Zoho ManageEngine SupportCenter Plus, Zoho ManageEngine Vulnerability Manager Plus

已发布BaseTemp漏洞产品修正CTICVE
2022-06-158.07.6Apache Hadoop 目录遍历HadoopNot DefinedOfficial Fix0.06CVE-2021-33036
2022-06-135.55.3Apache Hadoop libhdfs 内存损坏HadoopNot DefinedOfficial Fix0.19CVE-2021-37404
2022-05-123.53.5Progress Whatsup Gold API Transaction 信息公开Whatsup GoldNot DefinedNot Defined0.30CVE-2022-29845
2022-05-124.34.3Progress Whatsup Gold API Transaction 信息公开Whatsup GoldNot DefinedNot Defined0.10CVE-2022-29847
2022-05-124.34.3Progress Whatsup Gold 信息公开Whatsup GoldNot DefinedNot Defined0.10CVE-2022-29846
2022-05-123.53.5Progress WhatsUp Gold API Transaction 信息公开WhatsUp GoldNot DefinedNot Defined0.25CVE-2022-29848
2022-05-104.34.1HPE Integrated Lights-Out 4 拒绝服务Integrated Lights-Out 4Not DefinedOfficial Fix0.07CVE-2022-23704
2022-05-066.36.3Zoho ManageEngine OpManager Default Report SQL注入OpManagerNot DefinedNot Defined0.02CVE-2022-29535
2022-05-043.33.3Cisco SD-WAN vManage Software File System 权限升级SD-WAN vManage SoftwareNot DefinedOfficial Fix0.00CVE-2022-20734
2022-04-199.89.6Oracle SD-WAN Edge Management 权限升级SD-WAN EdgeNot DefinedOfficial Fix0.04CVE-2022-22965
2022-04-186.36.0Zoho ManageEngine ManageEngine OpManager Inventory Reports Module SQL注入ManageEngine OpManagerNot DefinedOfficial Fix0.04CVE-2022-27908
2022-04-156.05.9Cisco SD-WAN vEdge Router NETCONF 拒绝服务SD-WAN vEdge RouterNot DefinedOfficial Fix0.03CVE-2022-20717
2022-04-155.45.3Cisco SD-WAN vManage Software Web-based Management Interface 跨网站请求伪造SD-WAN vManage SoftwareNot DefinedOfficial Fix0.03CVE-2022-20735
2022-04-158.38.1Cisco SD-WAN CLI 权限升级SD-WANNot DefinedOfficial Fix0.05CVE-2022-20716
2022-04-158.17.9Cisco SD-WAN vManage Software CLI 权限升级SD-WAN vManage SoftwareNot DefinedOfficial Fix0.09CVE-2022-20739
2022-04-155.45.3Cisco SD-WAN vManage Software History API 信息公开SD-WAN vManage SoftwareNot DefinedOfficial Fix0.05CVE-2022-20747
2022-04-143.53.4Citrix SD-WAN Standard Edition Appliance 跨网站脚本SD-WAN Standard Edition Appliance/SD-WAN Premium Edition ApplianceNot DefinedOfficial Fix0.00CVE-2022-27505
2022-04-146.86.5Citrix SD-WAN Center Management Console CLI 弱身份验证SD-WAN Center Management Console/SD-WAN Standard Edition Appliance/SD-WAN Premium Edition Appliance/SD-WAN Orchestrator for On-PremisesNot DefinedOfficial Fix0.00CVE-2022-27506
2022-04-085.55.3Apache Hadoop unTarUsingJava 权限升级HadoopNot DefinedOfficial Fix0.06CVE-2022-26612
2022-03-103.63.6Zabbix Link 跨网站脚本ZabbixNot DefinedNot Defined0.07CVE-2022-24919
2022-03-103.13.1Zabbix Link 跨网站脚本ZabbixNot DefinedNot Defined0.04CVE-2022-24918
2022-03-103.13.1Zabbix Link 跨网站脚本ZabbixNot DefinedNot Defined0.03CVE-2022-24917
2022-03-104.04.0Zabbix Action Pages 跨网站脚本ZabbixNot DefinedNot Defined0.00CVE-2022-24349
2022-02-256.36.0HPE Integrated Lights-Out Webserver 权限升级Integrated Lights-OutNot DefinedOfficial Fix0.05CVE-2022-23701
2022-02-254.74.5HPE iLO Amplifier Pack 内存损坏iLO Amplifier PackNot DefinedOfficial Fix0.03CVE-2021-29220
2022-02-175.25.1Cisco Prime Infrastructure Web-based Management Interface 跨网站脚本Prime Infrastructure/Evolved Programmable Network ManagerNot DefinedOfficial Fix0.06CVE-2022-20659
2022-01-274.74.6Zabbix Application Server Privilege EscalationZabbixNot DefinedNot Defined0.06CVE-2021-46088
2022-01-134.94.9Zabbix Host Group 跨网站脚本ZabbixNot DefinedNot Defined0.04CVE-2022-23133
2022-01-138.28.2Zabbix SAML 弱身份验证ZabbixNot DefinedNot Defined0.03CVE-2022-23131
2022-01-134.34.3Zabbix Installation zabbix 权限升级ZabbixNot DefinedNot Defined0.03CVE-2022-23132
2022-01-135.55.5Zabbix Configuration setup.php 权限升级ZabbixNot DefinedNot Defined0.05CVE-2022-23134
2022-01-068.07.6zabbix-agent2 Configuration 权限升级zabbix-agent2Not DefinedOfficial Fix0.02CVE-2022-22704
2021-11-103.13.0Citrix ADC/Gateway/SD-WAN WANOP Edition NSIP/SNIP 拒绝服务ADC/Gateway/SD-WAN WANOP EditionNot DefinedOfficial Fix0.03CVE-2021-22956
2021-11-044.84.7Cisco Prime Infrastructure Web-based Management Interface 跨网站脚本Prime Infrastructure/Evolved Programmable Network ManagerNot DefinedOfficial Fix0.00CVE-2021-34784
2021-11-018.58.5HPE iLO Amplifier Pack 目录遍历iLO Amplifier PackNot DefinedNot Defined0.03CVE-2021-29212
2021-10-016.36.0Zoho ManageEngine ManageEngine OpManager getReportData API SQL注入ManageEngine OpManagerNot DefinedOfficial Fix0.06CVE-2021-41288
2021-09-294.34.1Progress WhatsUp Gold Application Endpoint 跨网站脚本WhatsUp GoldNot DefinedOfficial Fix0.06CVE-2021-41318
2021-09-234.94.8Cisco SD-WAN CLI 信息公开SD-WANNot DefinedOfficial Fix0.07CVE-2021-1546
2021-09-235.95.7Cisco SD-WAN vManage Software Web-based Management Interface 权限升级SD-WAN vManage SoftwareNot DefinedOfficial Fix0.05CVE-2021-34712
2021-09-235.45.3Cisco SD-WAN vManage Software API Endpoint 权限升级SD-WAN vManage SoftwareNot DefinedOfficial Fix0.02CVE-2021-1589
2021-09-237.06.8Cisco SD-WAN CLI 权限升级SD-WANNot DefinedOfficial Fix0.03CVE-2021-34726
2021-09-224.84.8Zoho ManageEngine ManageEngine OpManager API Key 跨网站脚本ManageEngine OpManagerNot DefinedNot Defined0.08CVE-2020-19554
2021-09-133.53.4PRTG Network Monitor Active Directory 跨网站脚本PRTG Network MonitorNot DefinedOfficial Fix0.05CVE-2021-29643
2021-09-075.35.1Aruba SD-WAN Software and Gateways/ArubaOS 目录遍历SD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.06CVE-2021-37731
2021-09-073.53.4Aruba SD-WAN Software and Gateways/ArubaOS 跨网站请求伪造SD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.05CVE-2021-37725
2021-09-076.36.0Aruba SD-WAN Software and Gateways 目录遍历SD-WAN Software and GatewaysNot DefinedOfficial Fix0.04CVE-2021-37733
2021-09-076.36.0Aruba SD-WAN Software and Gateways/ArubaOS 目录遍历SD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.04CVE-2021-37729
2021-09-076.36.0Aruba SD-WAN Software and Gateways/ArubaOS Privilege EscalationSD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.06CVE-2021-37722
2021-09-076.36.0Aruba SD-WAN Software and Gateways/ArubaOS Privilege EscalationSD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.05CVE-2021-37721
2021-09-076.36.0Aruba SD-WAN Software and Gateways/ArubaOS Privilege EscalationSD-WAN Software and Gateways/ArubaOSNot DefinedOfficial Fix0.04CVE-2021-37720

989 更多条目未显示

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!