CVE-2018-6493
HIGHHP Network Operations Management Ultimate 2017.07-2018.02 & Network Automation 10.00-10.50 - Remote SQL Injection
Title source: llmDescription
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040900
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104131
Scores
CVSS v3
8.8
EPSS
0.0021
EPSS Percentile
43.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (10)
hp/network_automation
10.00
hp/network_automation
10.10
hp/network_automation
10.11
hp/network_automation
10.20
hp/network_automation
10.30
hp/network_automation
10.40
hp/network_automation
10.50
hp/network_operations_management_ultimate
2017.07
hp/network_operations_management_ultimate
2017.11
hp/network_operations_management_ultimate
2018.02
Published
May 22, 2018
Tracked Since
Feb 18, 2026