This page lists publicly disclosed CVE vulnerabilities affecting hp operations_orchestration (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-6490 | Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service. | [email protected] | 5.9 | 2.62% | 2018-03-02 | 2024-11-21 |
| CVE-2016-8519 | A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found. | [email protected] | 9.8 | 28.56% | 2018-02-15 | 2024-11-21 |
| CVE-2017-8994 | A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | [email protected] | 9.8 | 9.84% | 2017-10-10 | 2026-05-13 |
| CVE-2016-1997 | HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | [email protected] | 9.8 | 6.69% | 2016-03-22 | 2026-05-06 |
| CVE-2015-5451 | Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | [email protected] | 6.8 | 1.49% | 2015-11-23 | 2026-05-06 |
| CVE-2015-2109 | Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors. | [email protected] | 7.5 | 4.11% | 2015-03-31 | 2026-05-06 |
| CVE-2015-2108 | Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors. | [email protected] | 3.5 | 1.94% | 2015-03-31 | 2026-05-06 |
| CVE-2013-6192 | Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | [email protected] | 6.8 | 0.97% | 2013-12-17 | 2026-04-29 |
| CVE-2013-6191 | Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 2.49% | 2013-12-17 | 2026-04-29 |
| CVE-2012-3258 | Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. | [email protected] | 10.0 | 9.92% | 2012-09-19 | 2026-04-29 |
| CVE-2010-3985 | Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 2.01% | 2010-10-26 | 2026-04-29 |