All the vulnerabilites related to Hewlett-Packard Development Company,L.P - HP System Management Homepage
jvndb-2007-000420
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
HP System Management Homepage cross-site scripting vulnerability
Details
A cross-site scripting vulnerability exists in Hewlett-Packard HP System Management Homepage (SMH).
HP System Management Homepage (SMH) from Hewlett-Packard is a web-based interface that can manage HP servers. A cross-site scripting vulnerability exists in SMH.
It is also confirmed that Compaq System Management Homepage, the product previous to SMH, contains a similar cross-site scripting vulnerability.
The vendor recommends users to upgrade to SMH, as Compaq System Management Homepage is an outdated product and is no longer available. For more information, refer to the vendor's website.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000420.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "A cross-site scripting vulnerability exists in Hewlett-Packard HP System Management Homepage (SMH).\r\n\r\nHP System Management Homepage (SMH) from Hewlett-Packard is a web-based interface that can manage HP servers. A cross-site scripting vulnerability exists in SMH.\r\n\r\nIt is also confirmed that Compaq System Management Homepage, the product previous to SMH, contains a similar cross-site scripting vulnerability.\r\n\r\nThe vendor recommends users to upgrade to SMH, as Compaq System Management Homepage is an outdated product and is no longer available. For more information, refer to the vendor\u0027s website.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000420.html",
"sec:cpe": {
"#text": "cpe:/a:hp:system_management_homepage",
"@product": "HP System Management Homepage",
"@vendor": "Hewlett-Packard Development Company,L.P",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000420",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN19240523/index.html",
"@id": "JVN#19240523",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3062",
"@id": "CVE-2007-3062",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3062",
"@id": "CVE-2007-3062",
"@source": "NVD"
},
{
"#text": "http://www.jpcert.or.jp/wr/2007/wr072101.txt",
"@id": "JPCERT-WR-2007-2101",
"@source": "JPCERT-WR"
},
{
"#text": "http://www.kb.cert.org/vuls/id/292457",
"@id": "VU#292457",
"@source": "CERT-VN"
},
{
"#text": "http://secunia.com/advisories/25493",
"@id": "SA25493",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/24256",
"@id": "24256",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/34656",
"@id": "34656",
"@source": "XF"
},
{
"#text": "http://www.securitytracker.com/id?1018179",
"@id": "1018179",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/2013",
"@id": "FrSIRT/ADV-2007-2013",
"@source": "FRSIRT"
}
],
"title": "HP System Management Homepage cross-site scripting vulnerability"
}
jvndb-2009-000029
Vulnerability from jvndb
Published
2009-05-20 16:01
Modified
2009-05-20 16:01
Summary
HP System Management Homepage vulnerable to cross-site scripting
Details
HP System Management Homepage (SMH) from Hewlett-Packard contains a cross-site scripting vulnerability.
HP System Management Homepage (SMH) from Hewlett-Packard is a web-based interface that can manage HP servers.
SMH contains a cross-site scripting vulnerability.
This vulnerability is different from JVN#19240523.
Masashi Shiraishi reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html",
"dc:date": "2009-05-20T16:01+09:00",
"dcterms:issued": "2009-05-20T16:01+09:00",
"dcterms:modified": "2009-05-20T16:01+09:00",
"description": "HP System Management Homepage (SMH) from Hewlett-Packard contains a cross-site scripting vulnerability.\r\n\r\nHP System Management Homepage (SMH) from Hewlett-Packard is a web-based interface that can manage HP servers.\r\nSMH contains a cross-site scripting vulnerability.\r\n\r\nThis vulnerability is different from JVN#19240523.\r\n\r\nMasashi Shiraishi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html",
"sec:cpe": {
"#text": "cpe:/a:hp:system_management_homepage",
"@product": "HP System Management Homepage",
"@vendor": "Hewlett-Packard Development Company,L.P",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-000029",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN02331156/index.html",
"@id": "JVN#02331156",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1418",
"@id": "CVE-2009-1418",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1418",
"@id": "CVE-2009-1418",
"@source": "NVD"
},
{
"#text": "http://securitytracker.com/id?1022242",
"@id": "1022242",
"@source": "SECTRACK"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000029.html",
"@id": "JVNDB-2009-000029",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "HP System Management Homepage vulnerable to cross-site scripting"
}