SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02078800
Version: 1
HPSBMA02491 SSRT100060 rev.1 - HP Operations Manager for Windows, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-04-19
Last Updated: 2010-04-19
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Unified Service Monitor and Cisco
Unified Operations Manager Remote Code Execution Vulnerabilities
Advisory ID: cisco-sa-20110914-cusm
Revision 1.0
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03179825
Version: 1
HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-02-02
Last Updated: 2012-02-02
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01931960
Version: 1
HPSBMA02478 SSRT090251 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-11-18
Last Updated: 2009-11-18
Sense of Security - Security Advisory - SOS-11-006
Release Date. 18-May-2011
Last Update. -
Vendor Notification Date. 28-Feb-2011
Product. Cisco Unified Operations Manager
Common Services Framework Help Servlet
Common Services Device Center
CiscoWorks Homepage
Note: All of the above products are
included by default in CuOM.
Note: Cisco Security Manager versions prior to 3.2 reached end of
software maintenance. Customers should contact their Cisco
support team for assistance in upgrading to a supported version
of Cisco Security Manager.
* Cisco Unified Operations Manager
+---------------------------------------------------------------+
| Unified Operations | Common Services |
| Manager Versions | Versions |
|-------------------------------------+-------------------------|
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20110914-lms.shtml
Note: Cisco Unified Service Monitor and Cisco Unified Operations
Manager are also affected by these vulnerabilities. A separate
advisory for Cisco Unified Service Monitor and Cisco Unified
Operations Manager is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20110914-cusm.shtml
Affected Products
+-------------------------------------------------------------------+
| Product | Product | Common Services |
| | Version | Version |
|-----------------------------------+------------+------------------|
| CiscoWorks IP Communications | 1.0 | 3.0 SP1 |
| Operations Manager | | |
|-----------------------------------+------------+------------------|
| CiscoWorks IP Communications | 1.0 | 3.0 SP1 |
| Service Monitor | | |
|-----------------------------------+------------+------------------|
| Cisco Unified Operations Manager | 1.1 | 3.0.3 |
Cisco Nexus 7000 Series Switches versions 4.2.x and later are not
affected.
* Cisco TelePresence Video Communication Server (Cisco TelePresence
VCS)
* Cisco Video Surveillance Manager (VSM)
* Cisco Video Surveillance Operations Manager (VSOM)
* Cisco Wireless Control System (WCS)
Products Confirmed Not Vulnerable
+--------------------------------
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01110627
Version: 1
HPSBMA02240 SSRT061260 rev.1 - HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations Add On Module for OpenView Operations-Business Availability Center Integration Running Shared Trace Service, Remote Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-07
Last Updated: 2007-08-07
ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-085
November 20, 2009
-- CVE ID:
CVE-2009-3843
-- Affected Vendors:
Hewlett-Packard
HP OpenView Internet Service
HP OpenView Performance Manager
HP OpenView Performance Agent
HP OpenView Reporter
HP OpenView Operations
HP OpenView Operations Manager for Windows
HP OpenView Service Quality Manager
HP OpenView Network Node Manager
HP OpenView Business Process Insight and Related Products
HP OpenView Dashboard
HP OpenView Performance Insight
|----------------------------+-------------------------------|
| Cisco Video Surveillance | CSCtd02831 |
| Media Server Software | |
|----------------------------+-------------------------------|
| Cisco Video Surveillance | CSCtd02780 |
| Operations Manager | |
| Software | |
|----------------------------+-------------------------------|
| Cisco Wide Area File | CSCtd04106 |
| Services Software (WAFS) | |
|----------------------------+-------------------------------|
1) Introduction
===============
HP Communication Broker is used in various HP enterprise softwares like
Performance Manager, Operations Manager and so on.
#######################################################################
======
* CiscoWorks LAN Management Solution versions 2.5, 2.6, and 3.0
* Cisco Security Manager versions 3.0, 3.1, and 3.2
* Cisco TelePresence Readiness Assessment Manager version 1.0
* CiscoWorks Voice Manager versions 3.0 and 3.1
* CiscoWorks Health and Utilization Monitor versions 1.0 and 1.1
* Cisco Unified Operations Manager versions 1.0, 1.1, 2.0, and 2.1
* Cisco Unified Provisioning Manager versions 1.0, 1.1, 1.2, and
1.3
The Solaris version of CiscoWorks Common Services is not affected by
this vulnerability.
