This page lists publicly disclosed CVE vulnerabilities affecting hp openview_performance_insight (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-2410 | Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.48% | 2011-08-19 | 2026-06-16 |
| CVE-2011-2407 | Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors. | [email protected] | 6.4 | 2.52% | 2011-08-11 | 2026-06-16 |
| CVE-2011-2406 | Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 3.5 | 0.89% | 2011-08-11 | 2026-06-16 |
| CVE-2011-0276 | HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class. | [email protected] | 10.0 | 82.43% | 2011-02-01 | 2026-06-16 |
| CVE-2010-0447 | The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document. | [email protected] | 10.0 | 5.66% | 2010-03-10 | 2026-06-16 |