All the vulnerabilites related to hp - system_management_homepage
Vulnerability from fkie_nvd
Published
2012-04-18 10:33
Modified
2024-11-21 01:34
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43535D7A-EBF8-4F36-8EE3-D446A936AA0E",
"versionEndIncluding": "6.1.0-103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de v7.0 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-0135",
"lastModified": "2024-11-21T01:34:27.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-18T10:33:31.417",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74917"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-17 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF08CF3-418F-409C-852F-5C03F54F466C",
"versionEndIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF (se refiere a CR (retorno de carro) y LF (salto de l\u00ednea)) en HP System Management Homepage (SMH) anterior a v6.2 permite a atacantes remotos inyectar cabeceras HTTP a su elecci\u00f3n y llevar a cabo ataques de respuesta HTTP divididas a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2010-3011",
"lastModified": "2024-11-21T01:17:52.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-09-17T18:00:02.367",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-18 10:59
Modified
2024-11-21 02:47
Severity ?
Summary
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a 7.5.4 permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1994",
"lastModified": "2024-11-21T02:47:30.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-18T10:59:02.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-28 21:59
Modified
2024-11-21 02:52
Severity ?
Summary
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows \"remote authenticated\" attackers to obtain sensitive information via unspecified vectors, related to an \"XSS\" issue."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a v7.6 permite a atacantes \"remotos autenticados\" obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, relacionado con un problema de \"XSS\"."
}
],
"id": "CVE-2016-4393",
"lastModified": "2024-11-21T02:52:01.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T21:59:00.207",
"references": [
{
"source": "security-alert@hpe.com",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "security-alert@hpe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios locales provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. Aka ZDI-CAN-1676."
}
],
"id": "CVE-2013-2362",
"lastModified": "2024-11-21T01:51:31.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.260",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-18 18:17
Modified
2024-11-21 00:36
Severity ?
Summary
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 2.0.0 | |
| hp | system_management_homepage | 2.0.1 | |
| hp | system_management_homepage | 2.0.2 | |
| hp | system_management_homepage | 2.1 | |
| hp | system_management_homepage | 2.1.1 | |
| hp | system_management_homepage | 2.1.2 | |
| hp | system_management_homepage | 2.1.3 | |
| hp | system_management_homepage | 2.1.3.132 | |
| hp | system_management_homepage | 2.1.4 | |
| hp | system_management_homepage | 2.1.5 | |
| hp | system_management_homepage | 2.1.6 | |
| hp | system_management_homepage | 2.1.7 | |
| hp | system_management_homepage | 2.1.8 | |
| hp | system_management_homepage | 2.1.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo despu\u00e9s de una actualizaci\u00f3n OpenSSL, lo cual tiene impacto y vectores de ataque desconocidos, probablemente relacionados con vulnerabilidades previas para OpenSSL."
}
],
"id": "CVE-2007-4931",
"lastModified": "2024-11-21T00:36:45.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-18T18:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/45941"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018696"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/45941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25675"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-15 18:00
Modified
2024-11-21 01:17
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 6.0 | |
| hp | system_management_homepage | 6.1 | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) para Linux v6.0 y v6.1 permite a los usuarios remotos autenticados obtener informaci\u00f3n sensible y privilegios de administrador (root) a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2010-3009",
"lastModified": "2024-11-21T01:17:52.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-09-15T18:00:44.213",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41427"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/43208"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1024433"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/43208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| security-alert@hpe.com | https://www.tenable.com/security/research/tra-2017-30 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2017-30 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) remota en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12545",
"lastModified": "2024-11-21T03:09:43.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.433",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2017-30"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 22:55
Modified
2024-11-21 01:38
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5107E0-A182-403D-A04E-3A46366825F3",
"versionEndIncluding": "7.1.0-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anteriores a 7.1.1 permite a usuarios locales obtener informaci\u00f3n confidencial a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-2016",
"lastModified": "2024-11-21T01:38:18.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T22:55:01.187",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-17 15:15
Modified
2024-11-21 08:36
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | hp-ux | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4DE6A2-D162-4F87-B792-C5CA3003EEE0",
"versionEndExcluding": "a.3.2.23.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nA potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.\n\n"
},
{
"lang": "es",
"value": "Se ha identificado una posible vulnerabilidad de seguridad en HP-UX System Management Homepage (SMH). Esta vulnerabilidad podr\u00eda explotarse local o remotamente para revelar informaci\u00f3n."
}
],
"id": "CVE-2023-50271",
"lastModified": "2024-11-21T08:36:47.757",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7,
"source": "security-alert@hpe.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-17T15:15:07.173",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbux04551en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbux04551en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-alert@hpe.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-23 10:18
Modified
2024-11-21 01:56
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) anteriores a 7.2.1 permite a usuarios autenticados remotamente causar denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-4821",
"lastModified": "2024-11-21T01:56:28.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-23T10:18:59.017",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/895524"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/895524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-29 22:55
Modified
2024-11-21 01:26
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB6F47A-9ADC-4F29-B8A6-647F8019B5F1",
"versionEndIncluding": "6.2.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.204:*:*:*:*:*:*:*",
"matchCriteriaId": "5E380736-DB0E-4A1A-AD08-0E1ACD3AC139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53117BA1-AEBC-4183-B34A-F12445B07C34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0-12:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C5F81A-71AD-419C-A503-4687A9AA6E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3F93B660-A1D9-4450-9357-FA09A4460A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.1-14:*:*:*:*:*:*:*",
"matchCriteriaId": "06FE9BF5-FD22-4D72-8196-B5FF88BCC445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "760740D8-FB81-41FE-A367-35CDFA3679FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2-2:*:*:*:*:*:*:*",
"matchCriteriaId": "19E0B008-0095-43D9-AB00-5CC947950923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de la versi\u00f3n v6.3 permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2011-1540",
"lastModified": "2024-11-21T01:26:32.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-29T22:55:01.077",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://securityreason.com/securityalert/8233"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/47507"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1025414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025414"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-19 02:00
Modified
2024-11-21 02:54
Severity ?
Summary
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | communications_user_data_repository | 10.0.0 | |
| oracle | communications_user_data_repository | 10.0.1 | |
| oracle | communications_user_data_repository | 12.0.0 | |
| oracle | enterprise_manager_ops_center | 12.2.2 | |
| oracle | enterprise_manager_ops_center | 12.3.2 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| fedoraproject | fedora | 23 | |
| fedoraproject | fedora | 24 | |
| hp | storeever_msl6480_tape_library_firmware | * | |
| hp | storeever_msl6480_tape_library | - | |
| hp | system_management_homepage | * | |
| php | php | * | |
| php | php | * | |
| php | php | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | leap | 42.1 | |
| drupal | drupal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D2C3F5-73E2-4988-9416-940C3C09F25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0473C6C9-B0C5-43F0-AC8C-C0DAD30DACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E94636C-58E3-4B5C-9B18-E5129F6B4A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE12B6A4-E128-41EC-8017-558F50B961BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B45C6-A877-4317-BCE5-EF9E9542276A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:storeever_msl6480_tape_library_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD08A69-9606-479F-81BE-8F418DF05266",
"versionEndIncluding": "5.09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:storeever_msl6480_tape_library:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C169BFCD-5DDB-4E19-92A4-C396EB6FCAA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F79D472-7AF7-4954-8C63-7C063613ADC6",
"versionEndExcluding": "5.5.38",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE57AD0E-537B-4A24-B296-589BFD241DD7",
"versionEndExcluding": "5.6.24",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "683B36BC-9508-4727-B755-173925688175",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3934EDE6-6A75-4883-835D-4300E29E8C8D",
"versionEndExcluding": "8.1.7",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv(\u0027HTTP_PROXY\u0027) call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
},
{
"lang": "es",
"value": "PHP hasta la versi\u00f3n 7.0.8 no intenta abordar los conflictos de espacio de nombres de RFC 3875 secci\u00f3n 4.1.18 y por lo tanto no protege aplicaciones de la presencia de datos de clientes no confiables en ambiente variable de HTTP_PROXY, lo que ppodr\u00eda permitir a atacantes remotos redireccionar el tr\u00e1fico HTTP saliente de una aplicaci\u00f3n a un servidor proxy arbitrario trav\u00e9s de una cabecera Proxy manipulada en una petici\u00f3n HTTP, seg\u00fan lo demostrado por (1) una aplicaci\u00f3n que hace una llamada getenv(\u0027HTTP_PROXY\u0027) o (2) una configuraci\u00f3n CGI de PHP, tambi\u00e9n conocido como problema \"httpoxy\"."
}
],
"id": "CVE-2016-5385",
"lastModified": "2024-11-21T02:54:12.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-19T02:00:17.773",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91821"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036335"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.drupal.org/SA-CORE-2016-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.drupal.org/SA-CORE-2016-003"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-29 22:55
Modified
2024-11-21 01:26
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB6F47A-9ADC-4F29-B8A6-647F8019B5F1",
"versionEndIncluding": "6.2.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.204:*:*:*:*:*:*:*",
"matchCriteriaId": "5E380736-DB0E-4A1A-AD08-0E1ACD3AC139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53117BA1-AEBC-4183-B34A-F12445B07C34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0-12:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C5F81A-71AD-419C-A503-4687A9AA6E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3F93B660-A1D9-4450-9357-FA09A4460A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.1-14:*:*:*:*:*:*:*",
"matchCriteriaId": "06FE9BF5-FD22-4D72-8196-B5FF88BCC445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "760740D8-FB81-41FE-A367-35CDFA3679FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2-2:*:*:*:*:*:*:*",
"matchCriteriaId": "19E0B008-0095-43D9-AB00-5CC947950923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de v6.3 permite a atacantes remotos evitar las restricciones de acceso previsto, y por lo tanto ejecutar c\u00f3digo arbitrario, a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2011-1541",
"lastModified": "2024-11-21T01:26:33.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-29T22:55:01.107",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://securityreason.com/securityalert/8233"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/47512"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1025414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025414"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-06 01:30
Modified
2024-11-21 00:32
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 2.0.0 | |
| hp | system_management_homepage | 2.0.1 | |
| hp | system_management_homepage | 2.0.2 | |
| hp | system_management_homepage | 2.1 | |
| hp | system_management_homepage | 2.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) en versiones anteriores a 2.1.2 corriendo en Linux y Windows permite a atacantes remotos inyectar secuencias de comandos (script) web o HTML de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2007-3062",
"lastModified": "2024-11-21T00:32:19.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-06T01:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2319240523/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36829"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25493"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/292457"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24256"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1018179"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2013"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2319240523/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/292457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1018179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-18 10:59
Modified
2024-11-21 02:47
Severity ?
Summary
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a 7.5.4 permite a usuarios remotos autenticados obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1993",
"lastModified": "2024-11-21T02:47:30.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-18T10:59:01.380",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12544",
"lastModified": "2024-11-21T03:09:43.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.373",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de desbordamiento de b\u00fafer local en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12546",
"lastModified": "2024-11-21T03:09:43.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.497",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-24 19:00
Modified
2024-11-21 01:18
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837D0ADA-3858-468E-877A-9363CB7C9696",
"versionEndIncluding": "6.1.0.102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.204:*:*:*:*:*:*:*",
"matchCriteriaId": "5E380736-DB0E-4A1A-AD08-0E1ACD3AC139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos obtener informaci\u00f3n confidencial a trav\u00e9s de vectores de ataque desconocidos."
}
],
"id": "CVE-2010-3284",
"lastModified": "2024-11-21T01:18:26.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-09-24T19:00:04.857",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de error de configuraci\u00f3n de seguridad en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12550",
"lastModified": "2024-11-21T03:09:44.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.670",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-28 23:59
Modified
2024-11-21 02:38
Severity ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
{
"cisaActionDue": "2022-06-15",
"cisaExploitAdd": "2022-05-25",
"cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
"cisaVulnerabilityName": "Adobe Flash Player Integer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5AEC3F3-52AF-46E6-A4D1-79854036B3C0",
"versionEndExcluding": "20.0.0.233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C954724-30BB-4215-8BEA-930A81B73ADF",
"versionEndExcluding": "20.0.0.233",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "340C4071-1447-477F-942A-8E09EA29F917",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5D0BB1-753D-4C3C-9D86-D095C7964A50",
"versionEndExcluding": "11.2.202.559",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94665D71-220E-47CF-9108-4ABAA833FC87",
"versionEndExcluding": "20.0.0.233",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA77DE00-4A06-4C87-96BB-81A6430456D8",
"versionEndExcluding": "18.0.0.324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17AEDAF8-0784-4735-8245-DE60751067DA",
"versionEndExcluding": "20.0.0.267",
"versionStartIncluding": "19.0.0.185",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "ED540469-C4DD-485D-9B89-6877B2A74217",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:insight_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB12FFA6-C8C5-4052-B6C3-F83119FF21EC",
"versionEndExcluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_control_server_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661098DB-F0F8-4AC1-A758-23B33E70BD91",
"versionEndExcluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:matrix_operating_environment:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "17A5B13C-7BC0-4E6B-9260-12C29AD068AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B49E6F3-2FA7-4B1A-A6AC-AD655CB83586",
"versionEndExcluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2928FF2-3AD4-4220-B5E3-6069499ABD97",
"versionEndExcluding": "7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:version_control_repository_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08DDFC5-1DE5-4729-927C-823BB2E087FE",
"versionEndExcluding": "7.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK \u0026 Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en Adobe Flash Player en versiones anteriores a 18.0.0.324 y 19.x y 20.x en versiones anteriores a 20.0.0.267 en Windows y OS X y en versiones anteriores a 11.2.202.559 en Linux, Adobe AIR en versiones anteriores a 20.0.0.233, Adobe AIR SDK en versiones anteriores a 20.0.0.233 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 20.0.0.233 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-8651",
"lastModified": "2024-11-21T02:38:53.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-12-28T23:59:19.050",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/79705"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034544"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "psirt@adobe.com",
"tags": [
"Not Applicable",
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/79705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201601-03"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n local en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12553",
"lastModified": "2024-11-21T03:09:44.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.827",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2357, CVE-2013-2358, y CVE-2013-2360."
}
],
"id": "CVE-2013-2359",
"lastModified": "2024-11-21T01:51:31.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.217",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-17 20:00
Modified
2024-11-21 01:17
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF08CF3-418F-409C-852F-5C03F54F466C",
"versionEndIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) antes de v6.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados. NOTA: este problema se le asign\u00f3 originalmente CVE-2010-3010 debido a un error de CNA."
}
],
"id": "CVE-2010-3012",
"lastModified": "2024-11-21T01:17:52.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-09-17T20:00:01.777",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-02 00:55
Modified
2024-11-21 02:06
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 | |
| hp | system_management_homepage | 7.2 | |
| hp | system_management_homepage | 7.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435ADA3D-8492-4643-852F-1C159D0D3CFF",
"versionEndIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B1667E-A36B-4777-976B-786E44747ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "416F2C9F-8FF2-4C31-98E2-545DE95A1F24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2640",
"lastModified": "2024-11-21T02:06:42.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-02T00:55:03.250",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/125228"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/125228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-12 10:45
Modified
2024-11-21 01:31
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/43012 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43012 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 6.2.2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de falsificaci\u00f3n de peticiones en sitios cruzados (CSRF) en HP System Management Homepage (SMH) v6.2.2.7 permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para las peticiones que crean las cuentas administrativas."
}
],
"id": "CVE-2011-3846",
"lastModified": "2024-11-21T01:31:23.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-12T10:45:13.877",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43012"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n local de comandos arbitrarios en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12552",
"lastModified": "2024-11-21T03:09:44.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.777",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-09 00:41
Modified
2024-11-21 00:45
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 2.1.10 | |
| hp | system_management_homepage | 2.1.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados en HP System Management Homepage (SMH) 2.1.10 y 2.1.11 en Linux y Windows que permite a los atacantes remotos insertar una secuencia arbitraria de comandos web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-1663",
"lastModified": "2024-11-21T00:45:02.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-07-09T00:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30912"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3979"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30029"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020406"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1990/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1990/references"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-28 21:59
Modified
2024-11-21 02:52
Severity ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a v7.6 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de vectores desconocidos, relacionado con un problema de \"desbordamiento de b\u00fafer\"."
}
],
"id": "CVE-2016-4396",
"lastModified": "2024-11-21T02:52:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T21:59:05.187",
"references": [
{
"source": "security-alert@hpe.com",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "security-alert@hpe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-588"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "security-alert@hpe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "security-alert@hpe.com",
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-32"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-19 02:00
Modified
2024-11-21 02:54
Severity ?
Summary
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_server_tus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| hp | system_management_homepage | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A901D6-0874-46A4-92A8-5F72C7A89E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036BA560-793B-48A6-93D6-868111C66E27",
"versionEndIncluding": "6.0.45",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "270A4D76-2684-4EFC-A039-91D64F96A1DB",
"versionEndIncluding": "7.0.70",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8264714E-208A-4B91-9F9F-C7EE59E73898",
"versionEndIncluding": "8.5.4",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388\"; in other words, this is not a CVE ID for a vulnerability."
},
{
"lang": "es",
"value": "Apache Tomcat, en versiones 7.x hasta la 7.0.70 y versiones 8.x hasta la 8.5.4, cuando el Servlet CGI est\u00e1 habilitado, sigue la secci\u00f3n 4.1.18 de RFC 3875 y, por lo tanto, no protege aplicaciones ante la presencia de datos de cliente no fiables en la variable de entorno HTTP_PROXY. Esto podr\u00eda permitir que atacantes remotos redirijan el tr\u00e1fico HTTP saliente de una aplicaci\u00f3n a un servidor proxy arbitrario mediante una cabecera Proxy manipulada en una petici\u00f3n HTTP. Esto tambi\u00e9n se conoce como problema \"httpoxy\". NOTA: el fabricante indica que \"se ha planeado una mitigaci\u00f3n para futuros lanzamientos de Tomcat, marcado con CVE-2016-5388\"; en otras palabras, esto no es el ID de CVE de una vulnerabilidad."
}
],
"id": "CVE-2016-5388",
"lastModified": "2024-11-21T02:54:13.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-19T02:00:20.820",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2045.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91818"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securitytracker.com/id/1036331"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securitytracker.com/id/1036331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n local de comandos arbitrarios en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12551",
"lastModified": "2024-11-21T03:09:44.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.717",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-14 10:55
Modified
2024-11-21 01:58
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 7.1 | |
| hp | system_management_homepage | 7.2 | |
| hp | system_management_homepage | 7.2.1 | |
| hp | system_management_homepage | 7.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B1667E-A36B-4777-976B-786E44747ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "416F2C9F-8FF2-4C31-98E2-545DE95A1F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "686823D2-42C0-47CF-9228-99E46A320197",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en HP System Management Homepage (SMH) 7.1 hasta 7.2.2 permite a atacantes remotos secuestrar la autenticaci\u00f3n de v\u00edctimas no especificadas a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-6188",
"lastModified": "2024-11-21T01:58:47.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-03-14T10:55:05.397",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-18 10:33
Modified
2024-11-21 01:38
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43535D7A-EBF8-4F36-8EE3-D446A936AA0E",
"versionEndIncluding": "6.1.0-103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de v7.0 permite a usuarios locales modificar los datos u obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-1993",
"lastModified": "2024-11-21T01:38:15.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-18T10:33:35.480",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74918"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-2356."
}
],
"id": "CVE-2013-2363",
"lastModified": "2024-11-21T01:51:32.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.267",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-2363."
}
],
"id": "CVE-2013-2356",
"lastModified": "2024-11-21T01:51:31.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.073",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n local de comandos arbitrarios en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12548",
"lastModified": "2024-11-21T03:09:44.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.577",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-19 01:55
Modified
2024-11-21 02:18
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | hp-ux | b.11.23 | |
| hp | system_management_homepage | * | |
| hp | hp-ux | b.11.31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BDAFD-D637-4023-9777-95E2FB8BD65F",
"versionEndIncluding": "3.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "12C73959-3E02-4847-8962-651D652800EE",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1138BB-26FE-446F-BD47-E030A68F280B",
"versionEndIncluding": "3.2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en HP System Management Homepage (SMH) anterior a 3.2.3 en HP-UX B.11.23, y anterior a 3.2.8 en HP-UX B.11.31, permite a atacantes remotos secuestrar la autenticaci\u00f3n de victimas no especificadas a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-7874",
"lastModified": "2024-11-21T02:18:11.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-19T01:55:21.607",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://secunia.com/advisories/60945"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1031050"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97024"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-24 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| debian | debian_linux | 7.0 | |
| haxx | curl | 7.31.0 | |
| haxx | curl | 7.32.0 | |
| haxx | curl | 7.33.0 | |
| haxx | curl | 7.34.0 | |
| haxx | curl | 7.35.0 | |
| haxx | curl | 7.36.0 | |
| haxx | curl | 7.37.0 | |
| haxx | curl | 7.37.1 | |
| haxx | curl | 7.38.0 | |
| haxx | curl | 7.39.0 | |
| haxx | curl | 7.40.0 | |
| haxx | curl | 7.41.0 | |
| apple | mac_os_x | 10.10.0 | |
| apple | mac_os_x | 10.10.1 | |
| apple | mac_os_x | 10.10.2 | |
| apple | mac_os_x | 10.10.3 | |
| apple | mac_os_x | 10.10.4 | |
| oracle | solaris | 11.3 | |
| haxx | libcurl | 7.30.0 | |
| haxx | libcurl | 7.31.0 | |
| haxx | libcurl | 7.32.0 | |
| haxx | libcurl | 7.33.0 | |
| haxx | libcurl | 7.34.0 | |
| haxx | libcurl | 7.35.0 | |
| haxx | libcurl | 7.36.0 | |
| haxx | libcurl | 7.37.0 | |
| haxx | libcurl | 7.37.1 | |
| haxx | libcurl | 7.38.0 | |
| haxx | libcurl | 7.39 | |
| haxx | libcurl | 7.40.0 | |
| haxx | libcurl | 7.41.0 | |
| hp | system_management_homepage | * | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECABFCB-0D02-4B5B-BB35-C6B3C0896348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5176F0-E62F-46FF-B536-DC0680696773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506A3761-3D24-43DB-88D8-4EB5B9E8BA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6EF8B0-0E86-449C-A500-ACD902A78C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D558CC2-0146-4887-834E-19FCB1D512A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6931764D-16AB-4546-9CE3-5B4E03BC984A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "831B1114-7CA7-43E3-9A15-592218060A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B0A12E-E122-4189-A05E-4FEA43C19876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B6BFFB-7967-482C-9B49-4BD25C815299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1791BF6D-2C96-4A6E-90D4-2906A73601F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "260DD751-4145-4B75-B892-5FC932C6A305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB1CB85-0A9B-4816-B471-278774EE6D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3831AB03-4E7E-476D-9623-58AADC188DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABACE305-2F0C-4B59-BC5C-6DF162B450E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAC1B55-F492-484E-B837-E7745682DE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D57914-B40A-462B-9C78-6433BE2B2DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A12DF7-62C5-46AD-9236-E2821C64156E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*",
"matchCriteriaId": "4C43697D-390A-4AC0-A5D8-62B6D22245BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D52E9E9F-7A35-4CB9-813E-5A1D4A36415C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "257291FB-969C-4413-BA81-806B5E1B40A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character."
},
{
"lang": "es",
"value": "La funci\u00f3n sanitize_cookie_path en cURL y libcurl 7.31.0 hasta 7.41.0 no calcula correctamente un indice, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (escritura fuera de rango y ca\u00edda) o posiblemente tener otro impacto no especificado a trav\u00e9s de una ruta de cookie que contiene solamente un car\u00e1cter de comillas dobles."
}
],
"id": "CVE-2015-3145",
"lastModified": "2024-11-21T02:28:46.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-24T14:59:10.157",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422C.html"
},
{
"source": "secalert@redhat.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/74303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422C.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-14 10:55
Modified
2024-11-21 01:56
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7625046E-EC4D-4A80-A7FF-6C7938772367",
"versionEndIncluding": "7.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B1667E-A36B-4777-976B-786E44747ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "416F2C9F-8FF2-4C31-98E2-545DE95A1F24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) anterior a 7.3 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-4846",
"lastModified": "2024-11-21T01:56:31.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-14T10:55:05.287",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-05 22:30
Modified
2024-11-21 01:09
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD83E8E-B1CE-4BB5-8147-2F656FD9E742",
"versionEndIncluding": "3.0.2.77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados(XSS)en proxy/smhui/getuiinfo en HP System Management Homepage (SMH) anterior v6.0 permite a atacantes remotos inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro servercert."
}
],
"id": "CVE-2009-4185",
"lastModified": "2024-11-21T01:09:06.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-02-05T22:30:02.327",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38341"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Exploit"
],
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/archive/1/509195/100/0/threaded"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/38081"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1023541"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509195/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0294"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-14 18:55
Modified
2024-11-21 01:53
Severity ?
Summary
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://marc.info/?l=bugtraq&m=137952496405683&w=2 | ||
| cret@cert.org | http://www.kb.cert.org/vuls/id/735364 | Exploit, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=137952496405683&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/735364 | Exploit, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BBD4AA-5BD9-44D4-AFA1-691168DEA17C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en."
},
{
"lang": "es",
"value": "ginkgosnmp.inc en HP System Management Homepage (SMH) permite a usuarios autenticados remotamente ejecutar comandos a trav\u00e9s de metacaracteres shell desde el PATH_INFO a smhutil/snmpchp.php."
}
],
"id": "CVE-2013-3576",
"lastModified": "2024-11-21T01:53:54.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-14T18:55:01.780",
"references": [
{
"source": "cret@cert.org",
"url": "http://marc.info/?l=bugtraq\u0026m=137952496405683\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/735364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=137952496405683\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/735364"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:44
Severity ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener informaci\u00f3n sensible a trav\u00e9s de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-2355."
}
],
"id": "CVE-2012-5217",
"lastModified": "2024-11-21T01:44:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:33.783",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-14 15:59
Modified
2024-11-21 02:47
Severity ?
Summary
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A21ADC4-2550-45B1-8B57-4382987FF0B5",
"versionEndIncluding": "7.5.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a 7.5.5 permite a usuarios locales obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-2015",
"lastModified": "2024-11-21T02:47:36.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T15:59:04.130",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035775"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-03-07 00:02
Modified
2024-11-21 00:07
Severity ?
Summary
Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 2.0.0 | |
| hp | system_management_homepage | 2.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors."
}
],
"evaluatorSolution": "This vulnerability affects all versions of HP, System Management Homepage from 2.0.0 through 2.1.4. This vulnarebility is only present in the following Windows OS environments: Microsoft Windows 2000, 2003, 2003 for x64, 2003 for Itanium and also Windows XP.",
"id": "CVE-2006-1023",
"lastModified": "2024-11-21T00:07:53.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-07T00:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19059"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1015692"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/426345/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16876"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0769"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1015692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426345/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24996"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-04 18:29
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC644AD-85F1-4985-849B-9AB54A401042",
"versionEndIncluding": "2.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0E18B8-6613-42D0-97BA-E13AE2B152C9",
"versionEndIncluding": "2.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC82871-E47F-4431-AAE0-A714D7D22670",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain \"unauthorized access\" via unknown vectors, possibly related to temporary file permissions."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) v2.2.6 y anteriores en HP-UX B.11.11 y B.11.23, y SMH 2.2.6 y 2.2.8 y anteriores en HP-UX B.11.23 y B.11.31; permite a usuarios locales obtener \"acceso no autorizado\" a trav\u00e9s de vectores desconocidos. Puede que est\u00e9 relacionado con los permisos de los ficheros temporales."
}
],
"id": "CVE-2008-4413",
"lastModified": "2024-11-21T00:51:37.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-04T18:29:47.870",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49521"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32544"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4545"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021133"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2999"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46313"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-2364",
"lastModified": "2024-11-21T01:51:32.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-22T11:19:36.277",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-28 21:59
Modified
2024-11-21 02:52
Severity ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a v7.6 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de vectores desconocidos, relacionado con un problema de \"desbordamiento de b\u00fafer\"."
}
],
"id": "CVE-2016-4395",
"lastModified": "2024-11-21T02:52:01.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T21:59:03.667",
"references": [
{
"source": "security-alert@hpe.com",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "security-alert@hpe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-587"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "security-alert@hpe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "security-alert@hpe.com",
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2016-32"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-24 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5D65CDC0-580B-42B3-97E8-69BE44CDB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "01001EEA-AB99-4041-8188-38CEBE9C3031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31DB0DA3-88B7-43ED-8102-CEBC28524CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87596B6A-A7B3-4256-9982-45D3B6E3E018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0045855F-A707-415A-AC12-6981B68B08E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B49807DC-0BDA-41F6-BB76-7C62328D245F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A78B6B8-9F4B-46AC-BB04-7EBADC690CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE80B46-33F0-4338-AF37-9E7E31FC5E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD38D8C6-9EEE-4160-9353-773943A560B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD33549E-EFFB-466F-8B47-BE036D454693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16BB71C8-3564-4E69-A2C3-E9AB1F9EF20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4966AA12-15DB-44E5-84AF-9D7AF4A52F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "827B6C8A-59C4-4714-9406-5C8EB5073AB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93A11305-E4FF-473B-9415-AF1F0E7A27D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8444095B-AF8F-42B5-BD4D-9CBE9238E42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C22F23AE-02AB-42F0-AA16-D2F8C94E5DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33DE520-BD2A-4499-B1F8-1439AE16AB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "041FCB20-E74F-4550-AC48-EE4E5875E118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D16DBA5E-582F-4648-932E-8A1EFB7FE3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A25323F4-7C67-4097-AD53-A6B9E6D96BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36919682-F59E-4EC0-886C-AE967F636753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B45AF234-3651-4367-BFEF-8766F66FB138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E46A9126-A02E-44CD-885D-0956E0C87C2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91E9C756-7FE3-4197-8C18-99CD1F49B0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88806B7D-5EFE-4F91-B115-732882D2C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB9E8AB-B3EC-4743-B39B-7325EEB17233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5030FBB0-C95B-4ADE-BFC2-CCA37AAD019B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5513618A-6770-4292-95D1-68F55D8343CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7494C01F-E9EC-406E-879A-B2045865E282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD9F894-4576-4ED1-9F55-4C27ECE7E058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49AFACAC-BBAF-469B-BF05-0478E987120F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A136E86-0697-4915-BC49-F570C776EDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB241AF-A01D-4FD6-B98A-F4C20F844C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B61901-F7DF-4805-8EB7-CA1701CA81CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0CDEC9-224A-4668-B2E4-2145653E3F2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E92BE9CB-F001-47A0-94E0-48FC01A63FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*",
"matchCriteriaId": "324E2A20-2F66-4E03-9A7F-A09E631E9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C8987B53-BD80-40B9-8429-21AD97208040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "490D1BDC-33B9-43BA-B6DA-42DEE577082A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B465BE7E-0B4D-4BC4-894B-3F51A201CE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA17087-3021-4961-B53C-CDCC872A31A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CA3936-4602-40E6-B75C-58D3F24268E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D87C110C-21DD-438A-90EF-BE516CF59F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2D9E0E-2EED-4FB5-859C-05226FC48D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA01E21-71CE-4B07-B5A6-D0D7AC493A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51239254-31CE-4BF7-8669-1525BA391362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2BE20D-232D-4C86-81B0-C82CCC1CAA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D652FD7C-1521-4391-AAE1-0A4D6F4CE8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DB861143-F809-45CF-95BE-E64F4BA1A0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3480F4A-0AE0-4428-9EDA-5A6B994909A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936BF59E-33A8-46BA-9FBD-8763812E2F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33168C81-6DAE-40D6-9693-68390CD71DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*",
"matchCriteriaId": "424F9604-AA9A-4D45-A521-0BDEDB723659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6EBCEB-E52C-4FF5-B15A-6960F58090EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D204E994-4591-403C-8EF3-D3B7BF4AA1A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF5418D-1162-4B1E-BC3D-06A3E084BEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA65F31-3D54-4F66-A0A3-2BD993FF38F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41ACC9FE-62FF-424B-B4B8-B033FEAF7686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BC39E9-5945-4DC8-ACA8-1C9918D9F279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9658447-FBB0-4DEA-8FEE-BD4D3D1BF7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECABFCB-0D02-4B5B-BB35-C6B3C0896348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5176F0-E62F-46FF-B536-DC0680696773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506A3761-3D24-43DB-88D8-4EB5B9E8BA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6EF8B0-0E86-449C-A500-ACD902A78C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D558CC2-0146-4887-834E-19FCB1D512A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6931764D-16AB-4546-9CE3-5B4E03BC984A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1F9453-1FB6-4CA7-9285-A243E56667B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F79828BB-2412-46AD-BE3C-A51B48E191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "72D0F13F-D56F-4C1C-A3CF-2E4E704817CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90A4F2E2-1B43-470E-8935-CB32F12A0124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "797DF5C7-509E-48FD-BD04-C66E01748728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47BD868A-CE3B-4E39-A588-C4EDA3265A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2EE400-1C36-40F4-A9D1-9AB432F168BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06E3CB14-FB16-4F4E-9AD9-A02DC727FF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCC42C-C881-4AEA-9348-E8317C54D62B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC4EF5A-C8CB-4F33-B4D1-E4192B179D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81CEF54A-9668-4031-926F-9B978DD5CDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45068C90-8915-4D19-B36B-993980E28D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24543011-2458-47B5-984A-901E70084902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB482A9C-D577-4AEE-A08F-CAFA6586B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65AF9B86-A555-4D5E-B24E-9EBF78BCD8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60BBDF07-DB97-433E-B542-EFEBE45550DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA8BE3F8-82ED-4DD7-991E-979E950C98B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "738AA231-4694-46E8-B559-1594263A9987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1F171-B887-499A-BF4F-538EBF347811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07AA276A-0EBA-4DC9-951C-8F8159FAC7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEEF534-9AD2-4439-9D69-E91D062C4647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63643BE1-C978-4CD2-8ED1-2B979DB0676E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FA04A0-9258-4654-ABCF-F41340B1FA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE829230-AFDB-4131-9C6A-D9D7A66C5B57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E8BA30-8087-48D4-AE1B-48326FF826B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47970EFF-2F51-4875-A6BD-E30614E13278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52C9B668-3204-41C5-A82E-262BDFA541DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08C8EE1E-E186-42D6-8B12-05865C73F261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA3D88B-41B9-4D79-B47D-B3D6058C0C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C80901-D48E-4C2A-9BED-A40007A11C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "331A51E4-AA73-486F-9618-5A83965F2436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB32DF2C-9208-4853-ADEB-B00D764D7467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E05636DC-7E38-4605-AAB8-81C0AE37520A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "624DF2F1-53FD-48D3-B93D-44E99C9C0C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2171C7C-311A-4405-B95F-3A54966FA844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE20A41-8B53-46FC-9002-69CC7495171F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87ED9DA0-E880-4CBB-B1AC-5AEE8A004718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5293C7F0-BF9F-4768-889A-876CE78903CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EB41B3-65F3-4B0E-8CCC-325B14AF605B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "857B244C-2AFB-40C7-A893-7C6DE9871BCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B732CE55-820A-40E0-A885-71BBB6CF8C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0455A5F2-1515-4CD8-BA2F-74D28E91A661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29034B3A-BE9D-4D68-8C56-4465C03C3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6249538E-FBCB-4130-91FB-DA78D7BA45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E11B8A5-50A2-468F-BFB3-86DD9D28AC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAE25A0-3828-46F1-AB30-88732CBC9F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1533A85C-2160-445D-8787-E624AEDC5A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D87B9393-7EA4-43DA-900C-7E840AE2D4C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1249E9-304F-4952-8DAB-8B79CE5E7D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83FAF953-6A65-4FAB-BDB5-03B468CD1C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29F8FF1F-A639-4161-9366-62528AAF4C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "812AB429-379A-4EDE-9664-5BC2989053F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13DD791F-C4BD-4456-955A-92E84082AA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E442-45AA-4780-98B4-9BF764DCC1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AF544C-5F16-4434-B9FB-93B1B7318950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD9ED9-2412-44AE-9C55-0ED03A121B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E66A332-ECD1-4452-B444-FB629022FDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD3D599-35E9-4590-B5E0-3AF04D344695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B6BFFB-7967-482C-9B49-4BD25C815299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1791BF6D-2C96-4A6E-90D4-2906A73601F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "260DD751-4145-4B75-B892-5FC932C6A305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB1CB85-0A9B-4816-B471-278774EE6D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3831AB03-4E7E-476D-9623-58AADC188DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABACE305-2F0C-4B59-BC5C-6DF162B450E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAC1B55-F492-484E-B837-E7745682DE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D57914-B40A-462B-9C78-6433BE2B2DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A12DF7-62C5-46AD-9236-E2821C64156E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*",
"matchCriteriaId": "4C43697D-390A-4AC0-A5D8-62B6D22245BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D52E9E9F-7A35-4CB9-813E-5A1D4A36415C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "257291FB-969C-4413-BA81-806B5E1B40A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3A0363-F05A-49C3-A9D2-E4F31B60CD4D",
"versionEndIncluding": "10.9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "831B1114-7CA7-43E3-9A15-592218060A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B0A12E-E122-4189-A05E-4FEA43C19876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
},
{
"lang": "es",
"value": "cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a trav\u00e9s de una solicitud no autenticada, un problema similar a CVE-2014-0015."
}
],
"id": "CVE-2015-3143",
"lastModified": "2024-11-21T02:28:45.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-24T14:59:08.187",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"source": "secalert@redhat.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-21 19:59
Modified
2024-11-21 02:26
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE3B5F52-2697-4F1D-9734-94541F9A2873",
"versionEndIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-site request forgery (CSRF) en HP System Management Homepage (SMH) en sus versiones anteriores a la 7.5.0 permite a usuarios remotos autenticados secuestrar la autenticaci\u00f3n de v\u00edctimas no especificadas a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-2134",
"lastModified": "2024-11-21T02:26:50.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-07-21T19:59:01.883",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/75961"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1033014"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-22 01:59
Modified
2024-11-21 02:52
Severity ?
Summary
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| fedoraproject | fedora | 24 | |
| opensuse | leap | 42.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837805F4-CC45-484D-8CD9-1184C7963CD1",
"versionEndIncluding": "7.5.5.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96334260-684E-43BA-A088-0EF6800075A6",
"versionEndIncluding": "5.5.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data."
},
{
"lang": "es",
"value": "La funci\u00f3n exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tama\u00f1os IFD, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) o posiblemente tener otro impacto no especificado a trav\u00e9s de datos de cabecera manipulados."
}
],
"id": "CVE-2016-4543",
"lastModified": "2024-11-21T02:52:26.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-22T01:59:28.353",
"references": [
{
"source": "security@debian.org",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/89844"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72094"
},
{
"source": "security@debian.org",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=082aecfc3a753ad03be82cf14f03ac065723ec92"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "security@debian.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=082aecfc3a753ad03be82cf14f03ac065723ec92"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2357, CVE-2013-2358, y CVE-2013-2359."
}
],
"id": "CVE-2013-2360",
"lastModified": "2024-11-21T01:51:31.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.233",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-24 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "831B1114-7CA7-43E3-9A15-592218060A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B0A12E-E122-4189-A05E-4FEA43C19876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1F9453-1FB6-4CA7-9285-A243E56667B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F79828BB-2412-46AD-BE3C-A51B48E191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "72D0F13F-D56F-4C1C-A3CF-2E4E704817CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90A4F2E2-1B43-470E-8935-CB32F12A0124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "797DF5C7-509E-48FD-BD04-C66E01748728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47BD868A-CE3B-4E39-A588-C4EDA3265A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2EE400-1C36-40F4-A9D1-9AB432F168BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06E3CB14-FB16-4F4E-9AD9-A02DC727FF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCC42C-C881-4AEA-9348-E8317C54D62B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC4EF5A-C8CB-4F33-B4D1-E4192B179D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81CEF54A-9668-4031-926F-9B978DD5CDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45068C90-8915-4D19-B36B-993980E28D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24543011-2458-47B5-984A-901E70084902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB482A9C-D577-4AEE-A08F-CAFA6586B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65AF9B86-A555-4D5E-B24E-9EBF78BCD8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60BBDF07-DB97-433E-B542-EFEBE45550DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA8BE3F8-82ED-4DD7-991E-979E950C98B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "738AA231-4694-46E8-B559-1594263A9987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1F171-B887-499A-BF4F-538EBF347811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07AA276A-0EBA-4DC9-951C-8F8159FAC7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEEF534-9AD2-4439-9D69-E91D062C4647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63643BE1-C978-4CD2-8ED1-2B979DB0676E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FA04A0-9258-4654-ABCF-F41340B1FA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE829230-AFDB-4131-9C6A-D9D7A66C5B57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E8BA30-8087-48D4-AE1B-48326FF826B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47970EFF-2F51-4875-A6BD-E30614E13278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52C9B668-3204-41C5-A82E-262BDFA541DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08C8EE1E-E186-42D6-8B12-05865C73F261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA3D88B-41B9-4D79-B47D-B3D6058C0C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C80901-D48E-4C2A-9BED-A40007A11C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "331A51E4-AA73-486F-9618-5A83965F2436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB32DF2C-9208-4853-ADEB-B00D764D7467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E05636DC-7E38-4605-AAB8-81C0AE37520A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "624DF2F1-53FD-48D3-B93D-44E99C9C0C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2171C7C-311A-4405-B95F-3A54966FA844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE20A41-8B53-46FC-9002-69CC7495171F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87ED9DA0-E880-4CBB-B1AC-5AEE8A004718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5293C7F0-BF9F-4768-889A-876CE78903CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EB41B3-65F3-4B0E-8CCC-325B14AF605B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "857B244C-2AFB-40C7-A893-7C6DE9871BCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B732CE55-820A-40E0-A885-71BBB6CF8C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0455A5F2-1515-4CD8-BA2F-74D28E91A661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29034B3A-BE9D-4D68-8C56-4465C03C3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6249538E-FBCB-4130-91FB-DA78D7BA45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E11B8A5-50A2-468F-BFB3-86DD9D28AC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EAE25A0-3828-46F1-AB30-88732CBC9F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1533A85C-2160-445D-8787-E624AEDC5A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D87B9393-7EA4-43DA-900C-7E840AE2D4C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.21.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1249E9-304F-4952-8DAB-8B79CE5E7D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.22.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83FAF953-6A65-4FAB-BDB5-03B468CD1C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29F8FF1F-A639-4161-9366-62528AAF4C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "812AB429-379A-4EDE-9664-5BC2989053F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.24.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13DD791F-C4BD-4456-955A-92E84082AA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.25.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E442-45AA-4780-98B4-9BF764DCC1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AF544C-5F16-4434-B9FB-93B1B7318950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.27.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD9ED9-2412-44AE-9C55-0ED03A121B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.28.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67CCE31B-ABDA-4F32-BAF1-B1AD0664B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E66A332-ECD1-4452-B444-FB629022FDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD3D599-35E9-4590-B5E0-3AF04D344695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B6BFFB-7967-482C-9B49-4BD25C815299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1791BF6D-2C96-4A6E-90D4-2906A73601F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "260DD751-4145-4B75-B892-5FC932C6A305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF4AD0D-2EC5-4CE8-B6B3-2EC8ED2FF118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB1CB85-0A9B-4816-B471-278774EE6D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3831AB03-4E7E-476D-9623-58AADC188DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABACE305-2F0C-4B59-BC5C-6DF162B450E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAC1B55-F492-484E-B837-E7745682DE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D57914-B40A-462B-9C78-6433BE2B2DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A12DF7-62C5-46AD-9236-E2821C64156E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*",
"matchCriteriaId": "4C43697D-390A-4AC0-A5D8-62B6D22245BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D52E9E9F-7A35-4CB9-813E-5A1D4A36415C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "257291FB-969C-4413-BA81-806B5E1B40A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5D65CDC0-580B-42B3-97E8-69BE44CDB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "01001EEA-AB99-4041-8188-38CEBE9C3031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31DB0DA3-88B7-43ED-8102-CEBC28524CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87596B6A-A7B3-4256-9982-45D3B6E3E018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0045855F-A707-415A-AC12-6981B68B08E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B49807DC-0BDA-41F6-BB76-7C62328D245F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A78B6B8-9F4B-46AC-BB04-7EBADC690CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE80B46-33F0-4338-AF37-9E7E31FC5E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD38D8C6-9EEE-4160-9353-773943A560B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD33549E-EFFB-466F-8B47-BE036D454693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16BB71C8-3564-4E69-A2C3-E9AB1F9EF20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4966AA12-15DB-44E5-84AF-9D7AF4A52F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "827B6C8A-59C4-4714-9406-5C8EB5073AB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93A11305-E4FF-473B-9415-AF1F0E7A27D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8444095B-AF8F-42B5-BD4D-9CBE9238E42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C22F23AE-02AB-42F0-AA16-D2F8C94E5DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33DE520-BD2A-4499-B1F8-1439AE16AB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "041FCB20-E74F-4550-AC48-EE4E5875E118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D16DBA5E-582F-4648-932E-8A1EFB7FE3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A25323F4-7C67-4097-AD53-A6B9E6D96BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36919682-F59E-4EC0-886C-AE967F636753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B45AF234-3651-4367-BFEF-8766F66FB138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E46A9126-A02E-44CD-885D-0956E0C87C2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91E9C756-7FE3-4197-8C18-99CD1F49B0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88806B7D-5EFE-4F91-B115-732882D2C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB9E8AB-B3EC-4743-B39B-7325EEB17233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5030FBB0-C95B-4ADE-BFC2-CCA37AAD019B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5513618A-6770-4292-95D1-68F55D8343CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7494C01F-E9EC-406E-879A-B2045865E282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD9F894-4576-4ED1-9F55-4C27ECE7E058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49AFACAC-BBAF-469B-BF05-0478E987120F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A136E86-0697-4915-BC49-F570C776EDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB241AF-A01D-4FD6-B98A-F4C20F844C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B61901-F7DF-4805-8EB7-CA1701CA81CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0CDEC9-224A-4668-B2E4-2145653E3F2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E92BE9CB-F001-47A0-94E0-48FC01A63FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.5:*:*:*:*:*:*:*",
"matchCriteriaId": "324E2A20-2F66-4E03-9A7F-A09E631E9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C8987B53-BD80-40B9-8429-21AD97208040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "490D1BDC-33B9-43BA-B6DA-42DEE577082A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B465BE7E-0B4D-4BC4-894B-3F51A201CE91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA17087-3021-4961-B53C-CDCC872A31A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CA3936-4602-40E6-B75C-58D3F24268E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D87C110C-21DD-438A-90EF-BE516CF59F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2D9E0E-2EED-4FB5-859C-05226FC48D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA01E21-71CE-4B07-B5A6-D0D7AC493A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51239254-31CE-4BF7-8669-1525BA391362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2BE20D-232D-4C86-81B0-C82CCC1CAA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D652FD7C-1521-4391-AAE1-0A4D6F4CE8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.21.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DB861143-F809-45CF-95BE-E64F4BA1A0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.22.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3480F4A-0AE0-4428-9EDA-5A6B994909A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936BF59E-33A8-46BA-9FBD-8763812E2F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33168C81-6DAE-40D6-9693-68390CD71DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.24.0:*:*:*:*:*:*:*",
"matchCriteriaId": "424F9604-AA9A-4D45-A521-0BDEDB723659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.25.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6EBCEB-E52C-4FF5-B15A-6960F58090EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D204E994-4591-403C-8EF3-D3B7BF4AA1A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.27.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF5418D-1162-4B1E-BC3D-06A3E084BEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.28.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA65F31-3D54-4F66-A0A3-2BD993FF38F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41ACC9FE-62FF-424B-B4B8-B033FEAF7686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.29.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BC39E9-5945-4DC8-ACA8-1C9918D9F279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9658447-FBB0-4DEA-8FEE-BD4D3D1BF7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECABFCB-0D02-4B5B-BB35-C6B3C0896348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.32.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5176F0-E62F-46FF-B536-DC0680696773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506A3761-3D24-43DB-88D8-4EB5B9E8BA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6EF8B0-0E86-449C-A500-ACD902A78C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D558CC2-0146-4887-834E-19FCB1D512A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6931764D-16AB-4546-9CE3-5B4E03BC984A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC1313E-8DCB-4B29-A9BC-A27C8CB360E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.37.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B27C2E02-5C0A-4A12-B0A6-5B1C0DFA94E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.38.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC7535F-B8C7-490F-A2F9-1DCFD41A3C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCBFE6D-F6A9-4394-9AF8-F830DC7E6A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request."
},
{
"lang": "es",
"value": "cURL y libcurl 7.10.6 hasta la versi\u00f3n 7.41.0 no reutiliza adecuadamente la conexiones Negotiate autenticadas, lo que permite a atacantes remotos conectarse como otros usuarios a trav\u00e9s de una solicitud."
}
],
"id": "CVE-2015-3148",
"lastModified": "2024-11-21T02:28:46.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-24T14:59:11.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
},
{
"source": "secalert@redhat.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/74301"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-24 19:00
Modified
2024-11-21 01:18
Severity ?
Summary
Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "837D0ADA-3858-468E-877A-9363CB7C9696",
"versionEndIncluding": "6.1.0.102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.204:*:*:*:*:*:*:*",
"matchCriteriaId": "5E380736-DB0E-4A1A-AD08-0E1ACD3AC139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n involuntaria en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos redirigir a usuarios a p\u00e1ginas web de su elecci\u00f3n y realizar ataques de phishing a trav\u00e9s de vectores de ataque sin especificar."
}
],
"id": "CVE-2010-3283",
"lastModified": "2024-11-21T01:18:26.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-09-24T19:00:04.823",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2357, CVE-2013-2359, y CVE-2013-2360."
}
],
"id": "CVE-2013-2358",
"lastModified": "2024-11-21T01:51:31.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.193",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-2361",
"lastModified": "2024-11-21T01:51:31.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-22T11:19:36.253",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2358, CVE-2013-2359, y CVE-2013-2360."
}
],
"id": "CVE-2013-2357",
"lastModified": "2024-11-21T01:51:31.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.157",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-02 00:55
Modified
2024-11-21 02:06
Severity ?
Summary
HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 | |
| hp | system_management_homepage | 7.2 | |
| hp | system_management_homepage | 7.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435ADA3D-8492-4643-852F-1C159D0D3CFF",
"versionEndIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B1667E-A36B-4777-976B-786E44747ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "416F2C9F-8FF2-4C31-98E2-545DE95A1F24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 7.4 permite a atacantes remotos realizar ataques de clickjacking a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2642",
"lastModified": "2024-11-21T02:06:42.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-02T00:55:03.343",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-28 22:30
Modified
2024-11-21 01:14
Severity ?
Summary
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de redireccionamiento directo en red2301.html en HP System Management Homepage (SMH) v2.x.x.x permite a atacantse remotos redireccionar a los usuarios a un sitio web a su elecci\u00f3n y provocar ataques phishing a trav\u00e9s del par\u00e1metro REdirectUrl.\r\n"
}
],
"id": "CVE-2010-1586",
"lastModified": "2024-11-21T01:14:44.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-28T22:30:00.917",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/39676"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/39676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58107"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 22:55
Modified
2024-11-21 01:38
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5107E0-A182-403D-A04E-3A46366825F3",
"versionEndIncluding": "7.1.0-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anteriores a 7.1.1 permite a usuarios autenticados remotos escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-2015",
"lastModified": "2024-11-21T01:38:18.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T22:55:01.157",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2024-11-21 02:30
Severity ?
Summary
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4",
"versionEndIncluding": "5.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "14D652D3-59BB-4BCA-95E4-87A8102154CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome."
},
{
"lang": "es",
"value": "Vulnerabilidad de complejidad algor\u00edtmica en la funci\u00f3n multipart_buffer_headers en main/rfc1867.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de datos de formularios manipulados que provocan un resultado de orden de crecimiento incorrecto."
}
],
"id": "CVE-2015-4024",
"lastModified": "2024-11-21T02:30:17.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:06.770",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74903"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032432"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-22 11:19
Modified
2024-11-21 01:51
Severity ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525F8984-5088-4A9F-9EBE-031FDCF3C26C",
"versionEndIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener informaci\u00f3n sensible a trav\u00e9s de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-5217."
}
],
"id": "CVE-2013-2355",
"lastModified": "2024-11-21T01:51:31.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-22T11:19:36.047",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-05-19 19:30
Modified
2024-11-21 01:02
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904009FC-0506-4119-A26D-7CF3CE5EBDEE",
"versionEndIncluding": "3.0.0-68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) anteriores a v3.0.1.73 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a trav\u00e9s de vectores inespec\u00edficos."
}
],
"evaluatorComment": "Per: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065\r\n\r\n\r\n\"SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP System Management Homepage (SMH) before v3.0.1.73 running on Linux and Windows Server 2003, 2008.\"",
"id": "CVE-2009-1418",
"lastModified": "2024-11-21T01:02:24.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-05-19T19:30:00.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN02331156/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35108"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1022242"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35031"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN02331156/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1022242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50633"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 22:55
Modified
2024-11-21 01:38
Severity ?
Summary
HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5107E0-A182-403D-A04E-3A46366825F3",
"versionEndIncluding": "7.1.0-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anteriores a 7.1.1 no valida apropiadamente la entrada, lo que permite a usuarios autenticados remotos tener un impacto sin especificar a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-2014",
"lastModified": "2024-11-21T01:38:17.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T22:55:01.110",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-18 10:59
Modified
2024-11-21 02:47
Severity ?
Summary
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a 7.5.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1995",
"lastModified": "2024-11-21T02:47:30.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-18T10:59:04.100",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-18 10:59
Modified
2024-11-21 02:47
Severity ?
Summary
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a 7.5.4 permite a usuarios locales obtener informaci\u00f3n sensible o modificar datos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1996",
"lastModified": "2024-11-21T02:47:31.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-18T10:59:05.130",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-19 18:30
Modified
2024-11-21 00:32
Severity ?
Summary
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9648C394-1A9B-40CB-9BE5-C3B013E5FB2E",
"versionEndIncluding": "2.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anterior a 2.1.9 para Linux, cuando se usa con Novel eDirectory, asigna a los miembros de eDirectory al grupo root, lo cual permite a usuarios de eDirectory autenticados remotamente obtener privilegios."
}
],
"id": "CVE-2007-3260",
"lastModified": "2024-11-21T00:32:47.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-19T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37513"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25689"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24486"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018256"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2232"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34900"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-13 20:00
Modified
2024-11-21 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8066A84-6198-4E4B-85AF-B3C99B3F7CB6",
"versionEndIncluding": "2.1.12-200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en versiones de HP System Management Homepage (SMH) anteriores a la 2.1.15.210 en Linux y Windows permite a atacantes remotos inyectar c\u00f3digo HTML o secuencias de comandos web o arbitrarios a trav\u00e9s de vectores no especificados. Se trata de una vulnerabilidad diferente a la CVE-2008-1663."
}
],
"id": "CVE-2008-4411",
"lastModified": "2024-11-21T00:51:37.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-10-13T20:00:02.277",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32199"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4398"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021015"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31663"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2778"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45754"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 22:55
Modified
2024-11-21 01:38
Severity ?
Summary
HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5107E0-A182-403D-A04E-3A46366825F3",
"versionEndIncluding": "7.1.0-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
},
{
"lang": "es",
"value": "HP System Management Homepage (SMH) anteriores a 7.1.1 no tiene un atributo para desactivar la funcionalidad de auto-completar en campos de formulario sin especificar, lo que facilita a atacantes remotos obtener informaci\u00f3n utilizando un equipo desatendido."
}
],
"id": "CVE-2012-2012",
"lastModified": "2024-11-21T01:38:17.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T22:55:01.017",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-19 02:00
Modified
2024-11-21 02:54
Severity ?
Summary
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3E7037D-2C83-4F09-8DC6-4C51D447727A",
"versionEndIncluding": "2.2.31",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8805C987-A5BB-403B-BB9F-B745A2AE7865",
"versionEndIncluding": "2.4.23",
"versionStartIncluding": "2.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82AA7F74-BBB3-4912-A464-0D2101B0A95B",
"versionEndIncluding": "12.4",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE12B6A4-E128-41EC-8017-558F50B961BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B45C6-A877-4317-BCE5-EF9E9542276A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFE33BC-D228-496C-A48E-8E73499D7F99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "681173DF-537E-4A64-8FC7-75F439CCAD0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2F2F98-DB90-43F6-8F28-3656207B6188",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "681173DF-537E-4A64-8FC7-75F439CCAD0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2F2F98-DB90-43F6-8F28-3656207B6188",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2466282-51AB-478D-9FF4-FA524265ED2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability."
},
{
"lang": "es",
"value": "El Apache HTTP Server hasta la versi\u00f3n 2.4.23 sigue a RFC 3875 secci\u00f3n 4.1.18 y por lo tanto no protege aplicaciones de la presencia de datos de clientes no confiables en ambiente variable de HTTP_PROXY, lo que puede permitir a atacantes remotos redireccionar el tr\u00e1fico HTTP saliente de aplicaci\u00f3n a un servidor proxy arbitrario a trav\u00e9s de una cabecera Proxy manipulada en una petici\u00f3n HTTP, tambi\u00e9n conocido como problema \"httpoxy\". NOTA: el vendedor afirma \"Se ha asignado a esta mitigaci\u00f3n el identificador CVE-2016-5387\"; en otras palabras, esto no es un CVE ID para una vulnerabilidad."
}
],
"id": "CVE-2016-5387",
"lastModified": "2024-11-21T02:54:12.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-19T02:00:19.837",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3623"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91816"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036330"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3038-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1420"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1421"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1422"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1851"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-36"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3038-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://httpoxy.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-22 19:59
Modified
2024-11-21 02:28
Severity ?
Summary
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haxx | curl | 7.40.0 | |
| haxx | curl | 7.41.0 | |
| haxx | curl | 7.42.0 | |
| haxx | curl | 7.42.1 | |
| haxx | libcurl | 7.40.0 | |
| haxx | libcurl | 7.41.0 | |
| haxx | libcurl | 7.42.0 | |
| haxx | libcurl | 7.42.1 | |
| hp | system_management_homepage | * | |
| oracle | enterprise_manager_ops_center | 12.1.4 | |
| oracle | enterprise_manager_ops_center | 12.2.2 | |
| oracle | enterprise_manager_ops_center | 12.3.2 | |
| oracle | glassfish_server | 3.0.1 | |
| oracle | glassfish_server | 3.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEBBFCA-6A18-4F8F-B841-50255C952FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FEEAE437-A645-468B-B283-44799658F534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.42.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03F7EE95-4EBE-4306-ADFE-A1A92CAD5F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:curl:7.42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79F7AE71-7A18-4737-9C02-0A3343B3AD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D52E9E9F-7A35-4CB9-813E-5A1D4A36415C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*",
"matchCriteriaId": "257291FB-969C-4413-BA81-806B5E1B40A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88DC6ED5-4C1A-4ED0-97BA-B245C4A236C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51AA7383-3AA1-4A3B-BA46-BBA8FBDC10DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2CF507-AA3F-464C-88DF-71E30672E623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE12B6A4-E128-41EC-8017-558F50B961BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B45C6-A877-4317-BCE5-EF9E9542276A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A56AAEB5-E5A5-44A4-8B82-0C465122F2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:glassfish_server:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8196D0-06A9-4A0B-8864-AA8E8CF2DDB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values."
},
{
"lang": "es",
"value": "La funci\u00f3n smb_request_state en cURL y libcurl 7.40.0 hasta 7.42.1 permite a servidores SMB remotos obtener informaci\u00f3n sensible de la memoria o causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda) a trav\u00e9s de valores de longitud y desplazamiento manipulados."
}
],
"id": "CVE-2015-3237",
"lastModified": "2024-11-21T02:28:58.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-22T19:59:04.653",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150617B.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/75387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1036371"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://curl.haxx.se/docs/adv_20150617B.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201509-02"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 22:55
Modified
2024-11-21 01:38
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5107E0-A182-403D-A04E-3A46366825F3",
"versionEndIncluding": "7.1.0-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9A9442-18B7-4858-AB3A-19FE272A5C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90042282-9151-4D8E-8093-D85E57BD332C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*",
"matchCriteriaId": "5FDEA64C-7511-4E71-8DFA-6E66531AC461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EF92B4-AAC3-4957-9D8F-1796C2045962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*",
"matchCriteriaId": "F304AB45-8298-4426-91B3-B99ED7FF6C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D44CEFC1-CE95-4549-A981-C3F259075B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C035D5C-90ED-4259-B05C-BEF93D81F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "824996A5-C2CC-4FC5-8705-F6B4D69F39B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBF9F0E-AA30-4E5A-B23E-DD895303245C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED0B94-3CC3-427C-A038-90C6CEF768BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6426924C-AA5C-4C93-AB8B-9314CD010139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7DCF4F-609A-497B-A32E-3D946EC2EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEAE287-0A13-4DB3-A36D-BD50148BE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E5C789-9827-47DF-A47C-454DF7687E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D25EAF-145F-4D96-836E-1B7C3FE53E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBB25A-A1DE-4943-9EE5-0FCF21A55666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*",
"matchCriteriaId": "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5379C7-0061-4C53-8B81-45F8063956DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*",
"matchCriteriaId": "FD94C7BD-B398-42BF-9FB9-EB4581AF98E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B61485E4-6EC1-4886-AB47-F5BC8E72A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*",
"matchCriteriaId": "203163D8-15E8-4F2D-A807-7643EA0D6920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF2CB88-3E10-48BF-8D49-994A3E6014E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E354FF4-5CDD-4B79-B56C-2C774B235D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A3FCF-B0AD-45DF-96D3-09BE755F94A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0DA8D6-3B1D-4935-855E-9431EB4BA683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC6FB-FB51-42DD-B708-54A99B10F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFAF26C-7BFE-479E-880C-B13E78780625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95912B-8C95-4CA8-BDA7-76074E20E362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3162C720-A042-48D8-A598-5CC9845C5715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*",
"matchCriteriaId": "73D573A1-93F3-4652-9E64-EDED09731EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*",
"matchCriteriaId": "8B6EF4B8-AF43-4777-9556-CA6DFF864B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*",
"matchCriteriaId": "42050FEF-5456-4340-9AD1-00448E4B5E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEEE1E4-1883-411E-A4BA-985041880439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3E3BC1-A986-4942-80FA-5911428F8E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*",
"matchCriteriaId": "96B6DA99-20FA-4622-8F1C-3086143CAE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AC00-8A30-49CB-956D-715053A920D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*",
"matchCriteriaId": "F425004A-EC16-44E8-A297-21F33F802FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*",
"matchCriteriaId": "849BE02B-513B-405E-A430-DF9D02C0A666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4C655A93-EAF6-4AC5-97B6-39601457FE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B2D3D-1B9A-4AE4-BDE2-4E6C388356EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "50D50984-75F5-4F70-96BB-E2133E1360AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*",
"matchCriteriaId": "BD611329-F5D3-455D-A275-4D61429357E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*",
"matchCriteriaId": "09857263-747C-40F5-9744-21FD03187CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8881820B-29B4-41DB-AEED-5513A347E290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1487A6-D639-4CA5-9696-47E04D621AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "C78C2C5A-F788-4F25-BD19-50C76C802329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46BDF870-3717-4486-8F45-55794F3DC712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6E0634-1562-4DC4-80A1-283ED369176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1319D-7BA1-43AC-A4E2-69D2E885DE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7C8CC2-1C1C-4813-8CEE-70F3F2AF3F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*",
"matchCriteriaId": "692B6E95-A67C-41E4-AEF7-CD4F01E802D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5FC25-ADBE-41E9-A5F6-51BE9D451AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*",
"matchCriteriaId": "BBE1D8A2-4AE0-4D0B-8D4D-D842E74ED328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF6C235-1889-453D-8DBF-3A6165DEC833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "51033974-B685-4214-B45D-5ED7DBDA95AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBED89BD-C66E-4B5B-AA6F-8F79246AE5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*",
"matchCriteriaId": "81DB7A7A-A051-40AE-A12E-A54DF6F41C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2379BD-5FAE-4D3D-8BDF-0BD3DC3EAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A4A11-24D2-4BEC-9D29-78BB72518A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B21D4B4-172C-4D00-AAC1-459F33F4D3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17F3CE1-D6A2-4B15-856C-8D083B32274F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7349879C-6CBE-4636-B6E7-C25955DE680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anteriores a 7.1.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio, o posiblemente obtener informaci\u00f3n confidencial o modificar datos a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-2013",
"lastModified": "2024-11-21T01:38:17.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T22:55:01.063",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-28 21:59
Modified
2024-11-21 02:52
Severity ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3FEB80-163D-4589-B6A8-6BB1ADCB6A10",
"versionEndIncluding": "7.5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an \"HSTS\" issue."
},
{
"lang": "es",
"value": "HPE System Management Homepage en versiones anteriores a v7.6 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, relacionado con un problema de \"HSTS\"."
}
],
"id": "CVE-2016-4394",
"lastModified": "2024-11-21T02:52:01.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-28T21:59:02.053",
"references": [
{
"source": "security-alert@hpe.com",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "security-alert@hpe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-23 14:30
Modified
2024-11-21 01:13
Severity ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | 6.0 | |
| linux | linux_kernel | * | |
| hp | system_management_homepage | 6.0 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19DC0DB5-998A-4CE3-9AFE-A4009E6E755F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP System Management Homepage (SMH) v6.0 anterior a v6.0.0-95 para Linux y v6.0 anterior a v6.0.0.96 para Windows, permite a usuarios autenticados en remoto obtener informaci\u00f3n sensible, modificar datos y provocar denegaciones de servicio mediante vectores desconocidos."
}
],
"id": "CVE-2010-1034",
"lastModified": "2024-11-21T01:13:28.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-23T14:30:01.137",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://securitytracker.com/id?1023909"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.osvdb.org/64089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/64089"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de error de configuraci\u00f3n de seguridad en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12549",
"lastModified": "2024-11-21T03:09:44.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.623",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-23 21:59
Modified
2024-11-21 02:28
Severity ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
References
Impacted products
{
"cisaActionDue": "2022-05-04",
"cisaExploitAdd": "2022-04-13",
"cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
"cisaVulnerabilityName": "Adobe Flash Player Heap-Based Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A6D8F3-8060-4F1E-B4E3-5097DBB199E5",
"versionEndExcluding": "13.0.0.296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28041519-51EA-4E8B-97BF-22E33466CBD1",
"versionEndExcluding": "18.0.0.194",
"versionStartIncluding": "14.0.0.125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1781AF4-923C-441A-BE16-4F16C3788F59",
"versionEndExcluding": "11.2.202.468",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"matchCriteriaId": "028ABA8F-4E7B-4CD0-B6FC-3A0941E254BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:insight_orchestration:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01285B2A-0494-493D-93B3-7B8F93A76F66",
"versionEndExcluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F39B8B36-2DC3-4791-A5BA-93C11F60FC1B",
"versionEndExcluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E87A4868-2C76-4632-BC54-A697A245F8AB",
"versionEndExcluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:version_control_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1DF4E5-F767-4948-9A42-C0B59740D557",
"versionEndExcluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:version_control_repository_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "677729B1-4B3E-47E5-83CF-1A32979418FD",
"versionEndExcluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:version_control_repository_manager:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5BC2D4-BFA8-4B05-B060-38417F815EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:virtual_connect_enterprise_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D01C600-6D32-4886-9CB3-2D2FEFED2EF1",
"versionEndExcluding": "7.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "319EC0C6-94C5-494A-9C5D-DC5124DFC8E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, tal y como fue utilizado activamente en junio del 2015."
}
],
"id": "CVE-2015-3113",
"lastModified": "2024-11-21T02:28:41.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-06-23T21:59:01.960",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1184.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75371"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032696"
},
{
"source": "psirt@adobe.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036"
},
{
"source": "psirt@adobe.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=935701"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-13"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3113.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1184.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=935701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3113.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-02 00:55
Modified
2024-11-21 02:06
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| hp | system_management_homepage | 7.0 | |
| hp | system_management_homepage | 7.1 | |
| hp | system_management_homepage | 7.2 | |
| hp | system_management_homepage | 7.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435ADA3D-8492-4643-852F-1C159D0D3CFF",
"versionEndIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2A419-3E62-4244-83D9-354755BEAA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB8583-BF1A-4DA7-B560-EDDEBD4D7DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B1667E-A36B-4777-976B-786E44747ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "416F2C9F-8FF2-4C31-98E2-545DE95A1F24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en HP System Management Homepage (SMH) anterior a 7.4 permite a usuarios remotos autenticados secuestrar la autenticaci\u00edon de victimas no especificadas a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-2641",
"lastModified": "2024-11-21T02:06:42.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-10-02T00:55:03.297",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-13 10:02
Modified
2024-11-21 00:09
Severity ?
Summary
HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | compaqhttpserver | 9.9 | |
| hp | system_management_homepage | 2.1.3.132 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:compaqhttpserver:9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "66A8479E-5249-4919-AB12-CDDDDA365AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F0390-B076-4B54-9E4E-67472FF3759E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when \"Trust by Certificates\" is not enabled, allows remote attackers to bypass authentication via a crafted URL."
}
],
"evaluatorSolution": "The only way to prevent this is to set the Trust level to \"Trust by Certificates\"",
"id": "CVE-2006-1774",
"lastModified": "2024-11-21T00:09:43.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-13T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015901"
},
{
"source": "cve@mitre.org",
"url": "http://src.telindus.com/articles/hpsm_vulnerability.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/430688/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://src.telindus.com/articles/hpsm_vulnerability.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/430688/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-15 22:29
Modified
2024-11-21 03:09
Severity ?
Summary
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@hpe.com | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| security-alert@hpe.com | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101029 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039437 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | system_management_homepage | * | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74107D7F-60E9-4A88-85D4-9594553A01C2",
"versionEndExcluding": "7.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n local de comandos arbitrarios en HPE System Management Homepage para Windows y Linux en versiones anteriores a la 7.6."
}
],
"id": "CVE-2017-12547",
"lastModified": "2024-11-21T03:09:43.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-15T22:29:04.543",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2010-3012
Vulnerability from cvelistv5
Published
2010-09-17 19:00
Modified
2024-09-16 19:51
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/41490 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 | vendor-advisory, x_refsource_HP | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 | vendor-advisory, x_refsource_HP | |
| http://secunia.com/advisories/41480 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-17T19:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3012",
"datePublished": "2010-09-17T19:00:00Z",
"dateReserved": "2010-08-13T00:00:00Z",
"dateUpdated": "2024-09-16T19:51:34.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2015
Vulnerability from cvelistv5
Published
2012-06-29 22:00
Modified
2024-09-17 01:01
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T22:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-2015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-2015",
"datePublished": "2012-06-29T22:00:00Z",
"dateReserved": "2012-04-02T00:00:00Z",
"dateUpdated": "2024-09-17T01:01:36.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2364
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 03:34
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:45.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101151",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101151",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101151",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2364",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T03:34:02.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3576
Vulnerability from cvelistv5
Published
2013-06-14 18:00
Modified
2024-08-06 16:14
Severity ?
EPSS score ?
Summary
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=137952496405683&w=2 | vendor-advisory, x_refsource_HP | |
| http://www.kb.cert.org/vuls/id/735364 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02917",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137952496405683\u0026w=2"
},
{
"name": "VU#735364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/735364"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-06T15:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "HPSBMU02917",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137952496405683\u0026w=2"
},
{
"name": "VU#735364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/735364"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02917",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137952496405683\u0026w=2"
},
{
"name": "VU#735364",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/735364"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3576",
"datePublished": "2013-06-14T18:00:00",
"dateReserved": "2013-05-21T00:00:00",
"dateUpdated": "2024-08-06T16:14:56.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12550
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 20:31
Severity ?
EPSS score ?
Summary
A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local security misconfiguration",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local security misconfiguration"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12550",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T20:31:43.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1663
Vulnerability from cvelistv5
Published
2008-07-09 00:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2008/1990/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1020406 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/30912 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/30029 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=121492633526894&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=121492633526894&w=2 | vendor-advisory, x_refsource_HP | |
| http://securityreason.com/securityalert/3979 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1990",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1990/references"
},
{
"name": "1020406",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020406"
},
{
"name": "30912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30912"
},
{
"name": "30029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30029"
},
{
"name": "HPSBMA02345",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "SSRT080039",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "3979",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-07-16T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1990",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1990/references"
},
{
"name": "1020406",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020406"
},
{
"name": "30912",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30912"
},
{
"name": "30029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30029"
},
{
"name": "HPSBMA02345",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "SSRT080039",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "3979",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1990",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1990/references"
},
{
"name": "1020406",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020406"
},
{
"name": "30912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30912"
},
{
"name": "30029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30029"
},
{
"name": "HPSBMA02345",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "SSRT080039",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121492633526894\u0026w=2"
},
{
"name": "3979",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1663",
"datePublished": "2008-07-09T00:00:00",
"dateReserved": "2008-04-03T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12547
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 22:25
Severity ?
EPSS score ?
Summary
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local arbitrary command execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local arbitrary command execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12547",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T22:25:12.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1540
Vulnerability from cvelistv5
Published
2011-04-29 22:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1025414 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/47507 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=130331363227777&w=2 | vendor-advisory, x_refsource_HP | |
| http://securityreason.com/securityalert/8233 | third-party-advisory, x_refsource_SREASON | |
| http://marc.info/?l=bugtraq&m=130331363227777&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "47507",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47507"
},
{
"name": "HPSBMA02662",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "8233",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1025414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "47507",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47507"
},
{
"name": "HPSBMA02662",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "8233",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-1540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025414",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "47507",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47507"
},
{
"name": "HPSBMA02662",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "8233",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2011-1540",
"datePublished": "2011-04-29T22:00:00",
"dateReserved": "2011-03-29T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0135
Vulnerability from cvelistv5
Published
2012-04-18 10:00
Modified
2024-08-06 18:16
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74917 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1026925 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/522374 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/archive/1/522374 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:18.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-system-homepage-dos(74917)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74917"
},
{
"name": "1026925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "hp-system-homepage-dos(74917)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74917"
},
{
"name": "1026925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-0135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-system-homepage-dos(74917)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74917"
},
{
"name": "1026925",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-0135",
"datePublished": "2012-04-18T10:00:00",
"dateReserved": "2011-12-13T00:00:00",
"dateUpdated": "2024-08-06T18:16:18.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2361
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-16 17:53
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101007",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101007",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101007",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2361",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T17:53:58.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2363
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-16 18:18
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101150",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101150",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101150",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2363",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T18:18:53.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1418
Vulnerability from cvelistv5
Published
2009-05-19 19:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html | third-party-advisory, x_refsource_JVNDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50633 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/35031 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1022242 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/35108 | third-party-advisory, x_refsource_SECUNIA | |
| http://jvn.jp/en/jp/JVN02331156/index.html | third-party-advisory, x_refsource_JVN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2009-000029",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html"
},
{
"name": "smh-win-unspecified-xss(50633)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50633"
},
{
"name": "35031",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35031"
},
{
"name": "1022242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022242"
},
{
"name": "35108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35108"
},
{
"name": "JVN#02331156",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN02331156/index.html"
},
{
"name": "SSRT090048",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"name": "HPSBMA02428",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVNDB-2009-000029",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html"
},
{
"name": "smh-win-unspecified-xss(50633)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50633"
},
{
"name": "35031",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35031"
},
{
"name": "1022242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022242"
},
{
"name": "35108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35108"
},
{
"name": "JVN#02331156",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN02331156/index.html"
},
{
"name": "SSRT090048",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"name": "HPSBMA02428",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2009-000029",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html"
},
{
"name": "smh-win-unspecified-xss(50633)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50633"
},
{
"name": "35031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35031"
},
{
"name": "1022242",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022242"
},
{
"name": "35108",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35108"
},
{
"name": "JVN#02331156",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN02331156/index.html"
},
{
"name": "SSRT090048",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
},
{
"name": "HPSBMA02428",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1418",
"datePublished": "2009-05-19T19:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3284
Vulnerability from cvelistv5
Published
2010-09-24 18:00
Modified
2024-09-17 02:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=128525531721328&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=128525531721328&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100069",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"name": "HPSBMA02578",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-24T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100069",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"name": "HPSBMA02578",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100069",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
},
{
"name": "HPSBMA02578",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128525531721328\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3284",
"datePublished": "2010-09-24T18:00:00Z",
"dateReserved": "2010-09-13T00:00:00Z",
"dateUpdated": "2024-09-17T02:57:27.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2362
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 01:06
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101076",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101076",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101076",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2362",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T01:06:28.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4846
Vulnerability from cvelistv5
Published
2014-03-14 10:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:39.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101285",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-14T05:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101285",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101285",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4846",
"datePublished": "2014-03-14T10:00:00",
"dateReserved": "2013-07-12T00:00:00",
"dateUpdated": "2024-08-06T16:59:39.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5385
Vulnerability from cvelistv5
Published
2016-07-19 01:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-8eb11666aa",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "GLSA-201611-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name": "openSUSE-SU-2016:1922",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.drupal.org/SA-CORE-2016-003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "RHSA-2016:1613",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
},
{
"name": "RHSA-2016:1611",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
},
{
"name": "RHSA-2016:1610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
},
{
"name": "DSA-3631",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"name": "91821",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "FEDORA-2016-4e7db3d437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
},
{
"name": "RHSA-2016:1609",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
},
{
"name": "1036335",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036335"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "RHSA-2016:1612",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
},
{
"name": "FEDORA-2016-9c8cf5912c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv(\u0027HTTP_PROXY\u0027) call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-18T01:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2016-8eb11666aa",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "GLSA-201611-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name": "openSUSE-SU-2016:1922",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.drupal.org/SA-CORE-2016-003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "RHSA-2016:1613",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
},
{
"name": "RHSA-2016:1611",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
},
{
"name": "RHSA-2016:1610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
},
{
"name": "DSA-3631",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"name": "91821",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "FEDORA-2016-4e7db3d437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
},
{
"name": "RHSA-2016:1609",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
},
{
"name": "1036335",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036335"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "RHSA-2016:1612",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
},
{
"name": "FEDORA-2016-9c8cf5912c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5385",
"datePublished": "2016-07-19T01:00:00",
"dateReserved": "2016-06-10T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2012
Vulnerability from cvelistv5
Published
2012-06-29 22:00
Modified
2024-09-17 00:36
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T22:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-2012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-2012",
"datePublished": "2012-06-29T22:00:00Z",
"dateReserved": "2012-04-02T00:00:00Z",
"dateUpdated": "2024-09-17T00:36:17.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1995
Vulnerability from cvelistv5
Published
2016-03-18 10:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035325 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:49.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035325",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1995",
"datePublished": "2016-03-18T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:49.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2134
Vulnerability from cvelistv5
Published
2015-07-21 19:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=144050155601375&w=2 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/bid/75961 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1033014 | vdb-entry, x_refsource_SECTRACK | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03409",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"name": "HPSBMU03380",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"name": "75961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75961"
},
{
"name": "1033014",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033014"
},
{
"name": "SSRT102109",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-20T09:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU03409",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"name": "HPSBMU03380",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"name": "75961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75961"
},
{
"name": "1033014",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033014"
},
{
"name": "SSRT102109",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"name": "HPSBMU03380",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
},
{
"name": "75961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75961"
},
{
"name": "1033014",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033014"
},
{
"name": "SSRT102109",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2134",
"datePublished": "2015-07-21T19:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12544
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-17 02:47
Severity ?
EPSS score ?
Summary
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12544",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-17T02:47:05.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12546
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 18:24
Severity ?
EPSS score ?
Summary
A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12546",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T18:24:54.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3283
Vulnerability from cvelistv5
Published
2010-09-24 18:00
Modified
2024-09-16 18:18
Severity ?
EPSS score ?
Summary
Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=128525419119241&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=128525419119241&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02584",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"name": "SSRT100230",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-24T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMA02584",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"name": "SSRT100230",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02584",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
},
{
"name": "SSRT100230",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128525419119241\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3283",
"datePublished": "2010-09-24T18:00:00Z",
"dateReserved": "2010-09-13T00:00:00Z",
"dateUpdated": "2024-09-16T18:18:57.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5387
Vulnerability from cvelistv5
Published
2016-07-19 01:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036330",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036330"
},
{
"name": "RHSA-2016:1420",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1420"
},
{
"name": "RHSA-2016:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "91816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91816"
},
{
"name": "RHSA-2016:1851",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1851"
},
{
"name": "USN-3038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3038-1"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "openSUSE-SU-2016:1824",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "RHSA-2016:1648",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"name": "RHSA-2016:1625",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html"
},
{
"name": "DSA-3623",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3623"
},
{
"name": "RHSA-2016:1649",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "RHSA-2016:1422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1422"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"name": "RHSA-2016:1421",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1421"
},
{
"name": "FEDORA-2016-a29c65b00f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"
},
{
"name": "RHSA-2016:1650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"name": "FEDORA-2016-df0726ae26",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "GLSA-201701-36",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-36"
},
{
"name": "RHSA-2016:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"name": "FEDORA-2016-9fd9bfab9e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"
},
{
"name": "FEDORA-2016-683d0b257b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:11:53",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1036330",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036330"
},
{
"name": "RHSA-2016:1420",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1420"
},
{
"name": "RHSA-2016:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "91816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91816"
},
{
"name": "RHSA-2016:1851",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1851"
},
{
"name": "USN-3038-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3038-1"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "openSUSE-SU-2016:1824",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "RHSA-2016:1648",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"name": "RHSA-2016:1625",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html"
},
{
"name": "DSA-3623",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3623"
},
{
"name": "RHSA-2016:1649",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "RHSA-2016:1422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1422"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"name": "RHSA-2016:1421",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1421"
},
{
"name": "FEDORA-2016-a29c65b00f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"
},
{
"name": "RHSA-2016:1650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"name": "FEDORA-2016-df0726ae26",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "GLSA-201701-36",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-36"
},
{
"name": "RHSA-2016:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"name": "FEDORA-2016-9fd9bfab9e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"
},
{
"name": "FEDORA-2016-683d0b257b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-5387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036330",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036330"
},
{
"name": "RHSA-2016:1420",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1420"
},
{
"name": "RHSA-2016:1635",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "91816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91816"
},
{
"name": "RHSA-2016:1851",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1851"
},
{
"name": "USN-3038-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3038-1"
},
{
"name": "VU#797896",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "openSUSE-SU-2016:1824",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "RHSA-2016:1648",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html"
},
{
"name": "https://www.tenable.com/security/tns-2017-04",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"name": "RHSA-2016:1625",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html"
},
{
"name": "DSA-3623",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3623"
},
{
"name": "RHSA-2016:1649",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "RHSA-2016:1422",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1422"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"name": "RHSA-2016:1421",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1421"
},
{
"name": "FEDORA-2016-a29c65b00f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"
},
{
"name": "RHSA-2016:1650",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html"
},
{
"name": "RHSA-2016:1624",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"name": "https://www.apache.org/security/asf-httpoxy-response.txt",
"refsource": "CONFIRM",
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"name": "FEDORA-2016-df0726ae26",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"
},
{
"name": "https://httpoxy.org/",
"refsource": "MISC",
"url": "https://httpoxy.org/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "GLSA-201701-36",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-36"
},
{
"name": "RHSA-2016:1636",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"name": "FEDORA-2016-9fd9bfab9e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"
},
{
"name": "FEDORA-2016-683d0b257b",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5387",
"datePublished": "2016-07-19T01:00:00",
"dateReserved": "2016-06-10T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4393
Vulnerability from cvelistv5
Published
2016-10-28 21:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93961 | vdb-entry, x_refsource_BID | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | x_refsource_CONFIRM | |
| https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HPE | HPE System Management Homepage before v7.6 |
Version: HPE System Management Homepage before v7.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE System Management Homepage before v7.6",
"vendor": "HPE",
"versions": [
{
"status": "affected",
"version": "HPE System Management Homepage before v7.6"
}
]
}
],
"datePublic": "2016-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows \"remote authenticated\" attackers to obtain sensitive information via unspecified vectors, related to an \"XSS\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2016-4393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE System Management Homepage before v7.6",
"version": {
"version_data": [
{
"version_value": "HPE System Management Homepage before v7.6"
}
]
}
}
]
},
"vendor_name": "HPE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before v7.6 allows \"remote authenticated\" attackers to obtain sensitive information via unspecified vectors, related to an \"XSS\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-4393",
"datePublished": "2016-10-28T21:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3009
Vulnerability from cvelistv5
Published
2010-09-15 17:26
Modified
2024-09-16 17:37
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/41427 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/43208 | vdb-entry, x_refsource_BID | |
| http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1024433 | vdb-entry, x_refsource_SECTRACK | |
| http://marc.info/?l=bugtraq&m=128447666623011&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=128447666623011&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41427",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41427"
},
{
"name": "43208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/43208"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053"
},
{
"name": "1024433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024433"
},
{
"name": "HPSBMA02566",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"name": "SSRT100045",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-15T17:26:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "41427",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41427"
},
{
"name": "43208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/43208"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053"
},
{
"name": "1024433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024433"
},
{
"name": "HPSBMA02566",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"name": "SSRT100045",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41427",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41427"
},
{
"name": "43208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43208"
},
{
"name": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053",
"refsource": "CONFIRM",
"url": "http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053"
},
{
"name": "1024433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024433"
},
{
"name": "HPSBMA02566",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
},
{
"name": "SSRT100045",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=128447666623011\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3009",
"datePublished": "2010-09-15T17:26:00Z",
"dateReserved": "2010-08-13T00:00:00Z",
"dateUpdated": "2024-09-16T17:37:41.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2356
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 01:31
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100835",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100835",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2356",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100835",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2356",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T01:31:18.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1993
Vulnerability from cvelistv5
Published
2016-03-18 10:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035325 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035325",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1993",
"datePublished": "2016-03-18T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3062
Vulnerability from cvelistv5
Published
2007-06-06 01:00
Modified
2024-08-07 14:05
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34656 | vdb-entry, x_refsource_XF | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592 | vendor-advisory, x_refsource_HP | |
| http://jvn.jp/jp/JVN%2319240523/index.html | third-party-advisory, x_refsource_JVN | |
| http://www.securitytracker.com/id?1018179 | vdb-entry, x_refsource_SECTRACK | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592 | vendor-advisory, x_refsource_HP | |
| http://secunia.com/advisories/25493 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/2013 | vdb-entry, x_refsource_VUPEN | |
| http://www.kb.cert.org/vuls/id/292457 | third-party-advisory, x_refsource_CERT-VN | |
| http://osvdb.org/36829 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/24256 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:27.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-smh-unspecified-xss(34656)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
},
{
"name": "SSRT071310",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "JVN#19240523",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2319240523/index.html"
},
{
"name": "1018179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018179"
},
{
"name": "HPSBMA02216",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "25493",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25493"
},
{
"name": "ADV-2007-2013",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2013"
},
{
"name": "VU#292457",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/292457"
},
{
"name": "36829",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36829"
},
{
"name": "24256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-smh-unspecified-xss(34656)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
},
{
"name": "SSRT071310",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "JVN#19240523",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2319240523/index.html"
},
{
"name": "1018179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018179"
},
{
"name": "HPSBMA02216",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "25493",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25493"
},
{
"name": "ADV-2007-2013",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2013"
},
{
"name": "VU#292457",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/292457"
},
{
"name": "36829",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36829"
},
{
"name": "24256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-smh-unspecified-xss(34656)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
},
{
"name": "SSRT071310",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "JVN#19240523",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2319240523/index.html"
},
{
"name": "1018179",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018179"
},
{
"name": "HPSBMA02216",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
},
{
"name": "25493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25493"
},
{
"name": "ADV-2007-2013",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2013"
},
{
"name": "VU#292457",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/292457"
},
{
"name": "36829",
"refsource": "OSVDB",
"url": "http://osvdb.org/36829"
},
{
"name": "24256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3062",
"datePublished": "2007-06-06T01:00:00",
"dateReserved": "2007-06-05T00:00:00",
"dateUpdated": "2024-08-07T14:05:27.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1993
Vulnerability from cvelistv5
Published
2012-04-18 10:00
Modified
2024-08-06 19:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74918 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1026925 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/522374 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/archive/1/522374 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-system-homepage-priv-esc(74918)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74918"
},
{
"name": "1026925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522374"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T19:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "hp-system-homepage-priv-esc(74918)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74918"
},
{
"name": "1026925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522374"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-1993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-system-homepage-priv-esc(74918)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74918"
},
{
"name": "1026925",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026925"
},
{
"name": "HPSBMU02764",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522374"
},
{
"name": "SSRT100827",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522374"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-1993",
"datePublished": "2012-04-18T10:00:00",
"dateReserved": "2012-04-02T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2358
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-16 17:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100907",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2358",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T17:04:11.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3143
Vulnerability from cvelistv5
Published
2015-04-24 14:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03544",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422A.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150422A.html"
},
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "74299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74299"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3143",
"datePublished": "2015-04-24T14:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2355
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-16 17:59
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100696",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100696",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100696",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2355",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T17:59:49.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2360
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100907",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2360",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T01:35:59.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2641
Vulnerability from cvelistv5
Published
2014-10-02 00:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id/1030960 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030960"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T16:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030960"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-2641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03112",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030960"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2014-2641",
"datePublished": "2014-10-02T00:00:00",
"dateReserved": "2014-03-24T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1994
Vulnerability from cvelistv5
Published
2016-03-18 10:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035325 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035325",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1994",
"datePublished": "2016-03-18T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12551
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-08-05 18:43
Severity ?
EPSS score ?
Summary
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2017-12551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12551",
"datePublished": "2018-02-15T22:00:00",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-08-05T18:43:56.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3011
Vulnerability from cvelistv5
Published
2010-09-17 17:46
Modified
2024-09-17 03:27
Severity ?
EPSS score ?
Summary
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/41490 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 | vendor-advisory, x_refsource_HP | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 | vendor-advisory, x_refsource_HP | |
| http://secunia.com/advisories/41480 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-17T17:46:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "41490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41490"
},
{
"name": "HPSBMA02568",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "SSRT100219",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"name": "41480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-3011",
"datePublished": "2010-09-17T17:46:00Z",
"dateReserved": "2010-08-13T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:27.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4394
Vulnerability from cvelistv5
Published
2016-10-28 21:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93961 | vdb-entry, x_refsource_BID | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | x_refsource_CONFIRM | |
| https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HPE | HPE System Management Homepage before v7.6 |
Version: HPE System Management Homepage before v7.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE System Management Homepage before v7.6",
"vendor": "HPE",
"versions": [
{
"status": "affected",
"version": "HPE System Management Homepage before v7.6"
}
]
}
],
"datePublic": "2016-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an \"HSTS\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HSTS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2016-4394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE System Management Homepage before v7.6",
"version": {
"version_data": [
{
"version_value": "HPE System Management Homepage before v7.6"
}
]
}
}
]
},
"vendor_name": "HPE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an \"HSTS\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HSTS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-4394",
"datePublished": "2016-10-28T21:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2013
Vulnerability from cvelistv5
Published
2012-06-29 22:00
Modified
2024-09-17 02:21
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T22:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-2013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-2013",
"datePublished": "2012-06-29T22:00:00Z",
"dateReserved": "2012-04-02T00:00:00Z",
"dateUpdated": "2024-09-17T02:21:41.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3237
Vulnerability from cvelistv5
Published
2015-06-22 19:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017 | x_refsource_CONFIRM | |
| http://curl.haxx.se/docs/adv_20150617B.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036371 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91787 | vdb-entry, x_refsource_BID | |
| https://security.gentoo.org/glsa/201509-02 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/75387 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:32.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-10155",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20150617B.html"
},
{
"name": "1036371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036371"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "75387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75387"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2015-10155",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20150617B.html"
},
{
"name": "1036371",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036371"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "75387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75387"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-10155",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"name": "http://curl.haxx.se/docs/adv_20150617B.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150617B.html"
},
{
"name": "1036371",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036371"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "75387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75387"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3237",
"datePublished": "2015-06-22T19:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:32.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3260
Vulnerability from cvelistv5
Published
2007-06-19 18:00
Modified
2024-08-07 14:14
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/bid/24486 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34900 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/2232 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/37513 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1018256 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/25689 | third-party-advisory, x_refsource_SECUNIA | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:11.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT071334",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"name": "24486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24486"
},
{
"name": "hp-smh-edirectory-unauthorized-access(34900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34900"
},
{
"name": "ADV-2007-2232",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2232"
},
{
"name": "37513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37513"
},
{
"name": "1018256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018256"
},
{
"name": "25689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25689"
},
{
"name": "HPSBMA02224",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SSRT071334",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"name": "24486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24486"
},
{
"name": "hp-smh-edirectory-unauthorized-access(34900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34900"
},
{
"name": "ADV-2007-2232",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2232"
},
{
"name": "37513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37513"
},
{
"name": "1018256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018256"
},
{
"name": "25689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25689"
},
{
"name": "HPSBMA02224",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT071334",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
},
{
"name": "24486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24486"
},
{
"name": "hp-smh-edirectory-unauthorized-access(34900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34900"
},
{
"name": "ADV-2007-2232",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2232"
},
{
"name": "37513",
"refsource": "OSVDB",
"url": "http://osvdb.org/37513"
},
{
"name": "1018256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018256"
},
{
"name": "25689",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25689"
},
{
"name": "HPSBMA02224",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01072894"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3260",
"datePublished": "2007-06-19T18:00:00",
"dateReserved": "2007-06-19T00:00:00",
"dateUpdated": "2024-08-07T14:14:11.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5388
Vulnerability from cvelistv5
Published
2016-07-19 01:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "RHSA-2016:2045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2045.html"
},
{
"name": "RHSA-2016:2046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html"
},
{
"name": "91818",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91818"
},
{
"name": "openSUSE-SU-2016:2252",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "1036331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036331"
},
{
"name": "RHSA-2016:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html"
},
{
"name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tomcat-users] 20200813 CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E"
},
{
"name": "[tomcat-users] 20200813 Re: CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E"
},
{
"name": "[tomcat-users] 20200814 Re: CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388\"; in other words, this is not a CVE ID for a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-14T10:06:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"
},
{
"name": "VU#797896",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/797896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "RHSA-2016:2045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2045.html"
},
{
"name": "RHSA-2016:2046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tomcat.apache.org/tomcat-7.0-doc/changelog.html"
},
{
"name": "91818",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91818"
},
{
"name": "openSUSE-SU-2016:2252",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03770en_us"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.apache.org/security/asf-httpoxy-response.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://httpoxy.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "1036331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036331"
},
{
"name": "RHSA-2016:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1636"
},
{
"name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html"
},
{
"name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[activemq-issues] 20190925 [jira] [Created] (AMQ-7310) Security Vulnerabilities in Tomcat-websocket-api.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d%40%3Cissues.activemq.apache.org%3E"
},
{
"name": "[tomcat-users] 20200813 CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc6b2147532416cc736e68a32678d3947b7053c3085cf43a9874fd102%40%3Cusers.tomcat.apache.org%3E"
},
{
"name": "[tomcat-users] 20200813 Re: CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2853582063cfd9e7fbae1e029ae004e6a83482ae9b70a698996353dd%40%3Cusers.tomcat.apache.org%3E"
},
{
"name": "[tomcat-users] 20200814 Re: CVE reporting discrepencies",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5388",
"datePublished": "2016-07-19T01:00:00",
"dateReserved": "2016-06-10T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3113
Vulnerability from cvelistv5
Published
2015-06-23 21:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03409",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3113.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467"
},
{
"name": "1032696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032696"
},
{
"name": "RHSA-2015:1184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1184.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036"
},
{
"name": "GLSA-201507-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-13"
},
{
"name": "openSUSE-SU-2015:1180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=935701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html"
},
{
"name": "75371",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75371"
},
{
"name": "SUSE-SU-2015:1136",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:1148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "HPSBMU03409",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2015-3113.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467"
},
{
"name": "1032696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032696"
},
{
"name": "RHSA-2015:1184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1184.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036"
},
{
"name": "GLSA-201507-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-13"
},
{
"name": "openSUSE-SU-2015:1180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=935701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html"
},
{
"name": "75371",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75371"
},
{
"name": "SUSE-SU-2015:1136",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:1148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"name": "https://www.suse.com/security/cve/CVE-2015-3113.html",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2015-3113.html"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467"
},
{
"name": "1032696",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032696"
},
{
"name": "RHSA-2015:1184",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1184.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235036"
},
{
"name": "GLSA-201507-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-13"
},
{
"name": "openSUSE-SU-2015:1180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=935701",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=935701"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-14.html"
},
{
"name": "75371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75371"
},
{
"name": "SUSE-SU-2015:1136",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:1148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2015-3113",
"datePublished": "2015-06-23T21:00:00",
"dateReserved": "2015-04-09T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-1774
Vulnerability from cvelistv5
Published
2006-04-13 10:00
Modified
2024-08-07 17:27
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1015901 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/430688/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://src.telindus.com/articles/hpsm_vulnerability.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25761 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:27:28.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015901"
},
{
"name": "20060411 [SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430688/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://src.telindus.com/articles/hpsm_vulnerability.html"
},
{
"name": "hp-smh-auth-bypass(25761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25761"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when \"Trust by Certificates\" is not enabled, allows remote attackers to bypass authentication via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015901"
},
{
"name": "20060411 [SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/430688/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://src.telindus.com/articles/hpsm_vulnerability.html"
},
{
"name": "hp-smh-auth-bypass(25761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25761"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when \"Trust by Certificates\" is not enabled, allows remote attackers to bypass authentication via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015901",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015901"
},
{
"name": "20060411 [SRC-Telindus advisory] - HP System Management Homepage Remote Unauthorized Access",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430688/100/0/threaded"
},
{
"name": "http://src.telindus.com/articles/hpsm_vulnerability.html",
"refsource": "MISC",
"url": "http://src.telindus.com/articles/hpsm_vulnerability.html"
},
{
"name": "hp-smh-auth-bypass(25761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25761"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1774",
"datePublished": "2006-04-13T10:00:00",
"dateReserved": "2006-04-13T00:00:00",
"dateUpdated": "2024-08-07T17:27:28.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12553
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 22:09
Severity ?
EPSS score ?
Summary
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12553",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T22:09:07.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1541
Vulnerability from cvelistv5
Published
2011-04-29 22:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1025414 | vdb-entry, x_refsource_SECTRACK | |
| http://marc.info/?l=bugtraq&m=130331363227777&w=2 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/bid/47512 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/8233 | third-party-advisory, x_refsource_SREASON | |
| http://marc.info/?l=bugtraq&m=130331363227777&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "HPSBMA02662",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "47512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47512"
},
{
"name": "8233",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1025414",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "HPSBMA02662",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "47512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47512"
},
{
"name": "8233",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-1541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025414",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025414"
},
{
"name": "HPSBMA02662",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"name": "47512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47512"
},
{
"name": "8233",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8233"
},
{
"name": "SSRT100409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2011-1541",
"datePublished": "2011-04-29T22:00:00",
"dateReserved": "2011-03-29T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-50271
Vulnerability from cvelistv5
Published
2023-12-17 14:49
Modified
2024-08-02 22:16
Severity ?
EPSS score ?
Summary
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HPE | HPE System Management Homepage (SMH) |
Version: Prior to HPE SMH ver.A.3.2.23.09 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:16:46.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbux04551en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "SMH",
"platforms": [
"HP-UX"
],
"product": "HPE System Management Homepage (SMH)",
"vendor": "HPE",
"versions": [
{
"status": "affected",
"version": "Prior to HPE SMH ver.A.3.2.23.09"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.\u003c/span\u003e\n\n"
}
],
"value": "\nA potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-17T14:49:53.516Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbux04551en_us"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HP-UX System Management Homepage, Disclosure of Information",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2023-50271",
"datePublished": "2023-12-17T14:49:53.516Z",
"dateReserved": "2023-12-06T14:22:26.839Z",
"dateUpdated": "2024-08-02T22:16:46.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2014
Vulnerability from cvelistv5
Published
2012-06-29 22:00
Modified
2024-09-16 19:20
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T22:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-2014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-2014",
"datePublished": "2012-06-29T22:00:00Z",
"dateReserved": "2012-04-02T00:00:00Z",
"dateUpdated": "2024-09-16T19:20:24.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1996
Vulnerability from cvelistv5
Published
2016-03-18 10:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035325 | vdb-entry, x_refsource_SECTRACK | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035325",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035325",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035325"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1996",
"datePublished": "2016-03-18T10:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2016
Vulnerability from cvelistv5
Published
2012-06-29 22:00
Modified
2024-09-16 20:16
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T22:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU02786",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-2016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-2016",
"datePublished": "2012-06-29T22:00:00Z",
"dateReserved": "2012-04-02T00:00:00Z",
"dateUpdated": "2024-09-16T20:16:52.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4395
Vulnerability from cvelistv5
Published
2016-10-28 21:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-16-587 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93961 | vdb-entry, x_refsource_BID | |
| https://www.tenable.com/security/research/tra-2016-32 | x_refsource_MISC | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | x_refsource_CONFIRM | |
| https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HPE | HPE System Management Homepage before v7.6 |
Version: HPE System Management Homepage before v7.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-587"
},
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE System Management Homepage before v7.6",
"vendor": "HPE",
"versions": [
{
"status": "affected",
"version": "HPE System Management Homepage before v7.6"
}
]
}
],
"datePublic": "2016-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-587"
},
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2016-4395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE System Management Homepage before v7.6",
"version": {
"version_data": [
{
"version_value": "HPE System Management Homepage before v7.6"
}
]
}
}
]
},
"vendor_name": "HPE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-587",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-587"
},
{
"name": "93961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-32",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-4395",
"datePublished": "2016-10-28T21:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12552
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-17 02:32
Severity ?
EPSS score ?
Summary
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local arbitrary execution of commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local arbitrary execution of commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12552",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-17T02:32:42.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5217
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 02:31
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101137",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101137",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-5217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101137",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-5217",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2012-10-01T00:00:00Z",
"dateUpdated": "2024-09-17T02:31:40.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4931
Vulnerability from cvelistv5
Published
2007-09-18 18:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/25675 | vdb-entry, x_refsource_BID | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065 | vendor-advisory, x_refsource_HP | |
| http://securitytracker.com/id?1018696 | vdb-entry, x_refsource_SECTRACK | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065 | vendor-advisory, x_refsource_HP | |
| http://osvdb.org/45941 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:27.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25675"
},
{
"name": "HPSBMA02258",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "1018696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018696"
},
{
"name": "SSRT071470",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "45941",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45941"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25675"
},
{
"name": "HPSBMA02258",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "1018696",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018696"
},
{
"name": "SSRT071470",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "45941",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45941"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4931",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25675"
},
{
"name": "HPSBMA02258",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "1018696",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018696"
},
{
"name": "SSRT071470",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065"
},
{
"name": "45941",
"refsource": "OSVDB",
"url": "http://osvdb.org/45941"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4931",
"datePublished": "2007-09-18T18:00:00",
"dateReserved": "2007-09-18T00:00:00",
"dateUpdated": "2024-08-07T15:17:27.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-7874
Vulnerability from cvelistv5
Published
2014-10-19 01:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/60945 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/97024 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id/1031050 | vdb-entry, x_refsource_SECTRACK | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:27.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60945"
},
{
"name": "hp-smh-cve20147874-csrf(97024)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97024"
},
{
"name": "1031050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031050"
},
{
"name": "HPSBUX03139",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"name": "SSRT101608",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "60945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60945"
},
{
"name": "hp-smh-cve20147874-csrf(97024)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97024"
},
{
"name": "1031050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031050"
},
{
"name": "HPSBUX03139",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"name": "SSRT101608",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-7874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60945"
},
{
"name": "hp-smh-cve20147874-csrf(97024)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97024"
},
{
"name": "1031050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031050"
},
{
"name": "HPSBUX03139",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
},
{
"name": "SSRT101608",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2014-7874",
"datePublished": "2014-10-19T01:00:00",
"dateReserved": "2014-10-06T00:00:00",
"dateUpdated": "2024-08-06T13:03:27.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4411
Vulnerability from cvelistv5
Published
2008-10-13 18:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31663 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1021015 | vdb-entry, x_refsource_SECTRACK | |
| http://marc.info/?l=bugtraq&m=122356588429626&w=2 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=122356588429626&w=2 | vendor-advisory, x_refsource_HP | |
| http://secunia.com/advisories/32199 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityreason.com/securityalert/4398 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45754 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/2778 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31663",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31663"
},
{
"name": "1021015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021015"
},
{
"name": "HPSBMA02376",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "SSRT080099",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "32199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32199"
},
{
"name": "4398",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4398"
},
{
"name": "smh-unspecified-xss(45754)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45754"
},
{
"name": "ADV-2008-2778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2778"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31663",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31663"
},
{
"name": "1021015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021015"
},
{
"name": "HPSBMA02376",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "SSRT080099",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "32199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32199"
},
{
"name": "4398",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4398"
},
{
"name": "smh-unspecified-xss(45754)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45754"
},
{
"name": "ADV-2008-2778",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2778"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31663"
},
{
"name": "1021015",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021015"
},
{
"name": "HPSBMA02376",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "SSRT080099",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122356588429626\u0026w=2"
},
{
"name": "32199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32199"
},
{
"name": "4398",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4398"
},
{
"name": "smh-unspecified-xss(45754)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45754"
},
{
"name": "ADV-2008-2778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2778"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4411",
"datePublished": "2008-10-13T18:00:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4024
Vulnerability from cvelistv5
Published
2015-06-09 18:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"name": "RHSA-2015:1186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"name": "74903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74903"
},
{
"name": "1032432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032432"
},
{
"name": "RHSA-2015:1219",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "openSUSE-SU-2015:0993",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "DSA-3280",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "FEDORA-2015-8383",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"name": "FEDORA-2015-8281",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "RHSA-2015:1218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2015:1187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"name": "RHSA-2015:1186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"name": "74903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74903"
},
{
"name": "1032432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032432"
},
{
"name": "RHSA-2015:1219",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "openSUSE-SU-2015:0993",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "DSA-3280",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "FEDORA-2015-8383",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"name": "FEDORA-2015-8281",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "RHSA-2015:1218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1187",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"name": "RHSA-2015:1186",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"name": "74903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74903"
},
{
"name": "1032432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032432"
},
{
"name": "RHSA-2015:1219",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "openSUSE-SU-2015:0993",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"name": "https://bugs.php.net/bug.php?id=69364",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "DSA-3280",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "FEDORA-2015-8383",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"name": "FEDORA-2015-8281",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4024",
"datePublished": "2015-06-09T18:00:00",
"dateReserved": "2015-05-18T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12548
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 16:54
Severity ?
EPSS score ?
Summary
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local arbitrary command execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local arbitrary command execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12548",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T16:54:01.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8651
Vulnerability from cvelistv5
Published
2015-12-28 23:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:43.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2015:2403",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
},
{
"name": "1034544",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034544"
},
{
"name": "RHSA-2015:2697",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
},
{
"name": "79705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79705"
},
{
"name": "SUSE-SU-2015:2401",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "SUSE-SU-2015:2402",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"name": "openSUSE-SU-2015:2400",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"name": "GLSA-201601-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK \u0026 Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "openSUSE-SU-2015:2403",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
},
{
"name": "1034544",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034544"
},
{
"name": "RHSA-2015:2697",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
},
{
"name": "79705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79705"
},
{
"name": "SUSE-SU-2015:2401",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "SUSE-SU-2015:2402",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"name": "openSUSE-SU-2015:2400",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"name": "GLSA-201601-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-8651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK \u0026 Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:2403",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
},
{
"name": "1034544",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034544"
},
{
"name": "RHSA-2015:2697",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
},
{
"name": "79705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79705"
},
{
"name": "SUSE-SU-2015:2401",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "SUSE-SU-2015:2402",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"name": "openSUSE-SU-2015:2400",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2015-8651",
"datePublished": "2015-12-28T23:00:00",
"dateReserved": "2015-12-23T00:00:00",
"dateUpdated": "2024-08-06T08:20:43.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4821
Vulnerability from cvelistv5
Published
2013-09-23 10:00
Modified
2024-09-16 16:39
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/895524 | third-party-advisory, x_refsource_CERT-VN | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#895524",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/895524"
},
{
"name": "SSRT101254",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-23T10:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "VU#895524",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/895524"
},
{
"name": "SSRT101254",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#895524",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/895524"
},
{
"name": "SSRT101254",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-4821",
"datePublished": "2013-09-23T10:00:00Z",
"dateReserved": "2013-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T16:39:15.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4396
Vulnerability from cvelistv5
Published
2016-10-28 21:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93961 | vdb-entry, x_refsource_BID | |
| https://www.tenable.com/security/research/tra-2016-32 | x_refsource_MISC | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | x_refsource_CONFIRM | |
| https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149 | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-16-588 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HPE | HPE System Management Homepage before v7.6 |
Version: HPE System Management Homepage before v7.6 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HPE System Management Homepage before v7.6",
"vendor": "HPE",
"versions": [
{
"status": "affected",
"version": "HPE System Management Homepage before v7.6"
}
]
}
],
"datePublic": "2016-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "93961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93961"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"ID": "CVE-2016-4396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HPE System Management Homepage before v7.6",
"version": {
"version_data": [
{
"version_value": "HPE System Management Homepage before v7.6"
}
]
}
}
]
},
"vendor_name": "HPE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a \"Buffer Overflow\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93961"
},
{
"name": "https://www.tenable.com/security/research/tra-2016-32",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-32"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-588",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-4396",
"datePublished": "2016-10-28T21:00:00",
"dateReserved": "2016-04-29T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12549
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-16 18:54
Severity ?
EPSS score ?
Summary
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "local authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "local authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12549",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-16T18:54:56.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12545
Vulnerability from cvelistv5
Published
2018-02-15 22:00
Modified
2024-09-17 04:25
Severity ?
EPSS score ?
Summary
A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/research/tra-2017-30 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1039437 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101029 | vdb-entry, x_refsource_BID | |
| https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Hewlett Packard Enterprise | System Management Homepage for Windows and Linux |
Version: prior to 7.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:55.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-30"
},
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "System Management Homepage for Windows and Linux",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "prior to 7.6.1"
}
]
}
],
"datePublic": "2017-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T15:57:01",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-30"
},
{
"name": "1039437",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-09-26T00:00:00",
"ID": "CVE-2017-12545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "System Management Homepage for Windows and Linux",
"version": {
"version_data": [
{
"version_value": "prior to 7.6.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2017-30",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-30"
},
{
"name": "1039437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039437"
},
{
"name": "101029",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101029"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2017-12545",
"datePublished": "2018-02-15T22:00:00Z",
"dateReserved": "2017-08-05T00:00:00",
"dateUpdated": "2024-09-17T04:25:13.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1586
Vulnerability from cvelistv5
Published
2010-04-28 22:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/39676 | vdb-entry, x_refsource_BID | |
| http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/58107 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:42.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39676",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39676"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse"
},
{
"name": "hp-smh-redirecturl-phishing(58107)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39676",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39676"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse"
},
{
"name": "hp-smh-redirecturl-phishing(58107)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39676",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39676"
},
{
"name": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse"
},
{
"name": "hp-smh-redirecturl-phishing(58107)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1586",
"datePublished": "2010-04-28T22:00:00",
"dateReserved": "2010-04-28T00:00:00",
"dateUpdated": "2024-08-07T01:28:42.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4413
Vulnerability from cvelistv5
Published
2008-11-04 18:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=122581539223159&w=2 | vendor-advisory, x_refsource_HP | |
| http://osvdb.org/49521 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46313 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/2999 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/32544 | third-party-advisory, x_refsource_SECUNIA | |
| http://marc.info/?l=bugtraq&m=122581539223159&w=2 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id?1021133 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/4545 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02380",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "49521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49521"
},
{
"name": "smh-unspecified-priv-escalation(46313)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46313"
},
{
"name": "ADV-2008-2999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2999"
},
{
"name": "32544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32544"
},
{
"name": "SSRT080121",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "1021133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021133"
},
{
"name": "4545",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain \"unauthorized access\" via unknown vectors, possibly related to temporary file permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBMA02380",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "49521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49521"
},
{
"name": "smh-unspecified-priv-escalation(46313)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46313"
},
{
"name": "ADV-2008-2999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2999"
},
{
"name": "32544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32544"
},
{
"name": "SSRT080121",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "1021133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021133"
},
{
"name": "4545",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4545"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain \"unauthorized access\" via unknown vectors, possibly related to temporary file permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02380",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "49521",
"refsource": "OSVDB",
"url": "http://osvdb.org/49521"
},
{
"name": "smh-unspecified-priv-escalation(46313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46313"
},
{
"name": "ADV-2008-2999",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2999"
},
{
"name": "32544",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32544"
},
{
"name": "SSRT080121",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=122581539223159\u0026w=2"
},
{
"name": "1021133",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021133"
},
{
"name": "4545",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4545"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4413",
"datePublished": "2008-11-04T18:00:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6188
Vulnerability from cvelistv5
Published
2014-03-14 10:00
Modified
2024-08-06 17:29
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:43.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101149",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-14T05:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101149",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-6188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101149",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name": "HPSBMU02947",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-6188",
"datePublished": "2014-03-14T10:00:00",
"dateReserved": "2013-10-21T00:00:00",
"dateUpdated": "2024-08-06T17:29:43.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-1023
Vulnerability from cvelistv5
Published
2006-03-07 00:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/19059 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1015692 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/0769 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/426345/100/0/threaded | vendor-advisory, x_refsource_HP | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24996 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/16876 | vdb-entry, x_refsource_BID | |
| http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19059"
},
{
"name": "1015692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015692"
},
{
"name": "ADV-2006-0769",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0769"
},
{
"name": "SSRT061118",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426345/100/0/threaded"
},
{
"name": "hp-system-managemenet-homepage-dir-traversal(24996)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24996"
},
{
"name": "16876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16876"
},
{
"name": "HPSBMA02099",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19059",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19059"
},
{
"name": "1015692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015692"
},
{
"name": "ADV-2006-0769",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0769"
},
{
"name": "SSRT061118",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/426345/100/0/threaded"
},
{
"name": "hp-system-managemenet-homepage-dir-traversal(24996)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24996"
},
{
"name": "16876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16876"
},
{
"name": "HPSBMA02099",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19059"
},
{
"name": "1015692",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015692"
},
{
"name": "ADV-2006-0769",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0769"
},
{
"name": "SSRT061118",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/426345/100/0/threaded"
},
{
"name": "hp-system-managemenet-homepage-dir-traversal(24996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24996"
},
{
"name": "16876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16876"
},
{
"name": "HPSBMA02099",
"refsource": "HP",
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00601530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1023",
"datePublished": "2006-03-07T00:00:00",
"dateReserved": "2006-03-06T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4185
Vulnerability from cvelistv5
Published
2010-02-05 22:13
Modified
2024-08-07 06:54
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/38341 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/38081 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=126529736830358&w=2 | vendor-advisory, x_refsource_HP | |
| http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15 | x_refsource_MISC | |
| http://www.securitytracker.com/id?1023541 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2010/0294 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/509195/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=126529736830358&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38341"
},
{
"name": "38081",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38081"
},
{
"name": "SSRT090220",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15"
},
{
"name": "1023541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023541"
},
{
"name": "ADV-2010-0294",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0294"
},
{
"name": "20100127 PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509195/100/0/threaded"
},
{
"name": "HPSBMA02504",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "38341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38341"
},
{
"name": "38081",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38081"
},
{
"name": "SSRT090220",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15"
},
{
"name": "1023541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023541"
},
{
"name": "ADV-2010-0294",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0294"
},
{
"name": "20100127 PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509195/100/0/threaded"
},
{
"name": "HPSBMA02504",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2009-4185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38341"
},
{
"name": "38081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38081"
},
{
"name": "SSRT090220",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
},
{
"name": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15",
"refsource": "MISC",
"url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15"
},
{
"name": "1023541",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023541"
},
{
"name": "ADV-2010-0294",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0294"
},
{
"name": "20100127 PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509195/100/0/threaded"
},
{
"name": "HPSBMA02504",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126529736830358\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2009-4185",
"datePublished": "2010-02-05T22:13:00",
"dateReserved": "2009-12-03T00:00:00",
"dateUpdated": "2024-08-07T06:54:10.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2359
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-17 00:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100907",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2359",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-17T00:45:44.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4543
Vulnerability from cvelistv5
Published
2016-05-22 01:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "89844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89844"
},
{
"name": "openSUSE-SU-2016:1524",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"name": "GLSA-201611-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name": "RHSA-2016:2750",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name": "[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"name": "DSA-3602",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.php.net/bug.php?id=72094"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=082aecfc3a753ad03be82cf14f03ac065723ec92"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name": "openSUSE-SU-2016:1357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"name": "FEDORA-2016-f4e73663f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "89844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89844"
},
{
"name": "openSUSE-SU-2016:1524",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"name": "GLSA-201611-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name": "RHSA-2016:2750",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name": "[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"name": "DSA-3602",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.php.net/bug.php?id=72094"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=082aecfc3a753ad03be82cf14f03ac065723ec92"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name": "openSUSE-SU-2016:1357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"name": "FEDORA-2016-f4e73663f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-4543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"name": "89844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89844"
},
{
"name": "openSUSE-SU-2016:1524",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"name": "GLSA-201611-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"name": "RHSA-2016:2750",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name": "[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"name": "DSA-3602",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "https://bugs.php.net/bug.php?id=72094",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=72094"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "http://php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-7.php"
},
{
"name": "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92",
"refsource": "CONFIRM",
"url": "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name": "openSUSE-SU-2016:1357",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"name": "FEDORA-2016-f4e73663f4",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2016-4543",
"datePublished": "2016-05-22T01:00:00",
"dateReserved": "2016-05-05T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3148
Vulnerability from cvelistv5
Published
2015-04-24 14:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:31.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "74301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74301"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "HPSBHF03544",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "74301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74301"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03544",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422B.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150422B.html"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "74301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74301"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "RHSA-2015:1254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html"
},
{
"name": "MDVSA-2015:220",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3148",
"datePublished": "2015-04-24T14:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:31.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3846
Vulnerability from cvelistv5
Published
2012-04-12 10:00
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/43012 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:46:03.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-12T10:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "43012",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2011-3846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43012",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2011-3846",
"datePublished": "2012-04-12T10:00:00Z",
"dateReserved": "2011-09-26T00:00:00Z",
"dateUpdated": "2024-09-17T00:46:12.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1034
Vulnerability from cvelistv5
Published
2010-04-23 14:00
Modified
2024-08-07 01:06
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | vendor-advisory, x_refsource_HP | |
| http://www.osvdb.org/64089 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1023909 | vdb-entry, x_refsource_SECTRACK | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:06:52.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "64089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/64089"
},
{
"name": "1023909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023909"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-30T09:00:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "64089",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/64089"
},
{
"name": "1023909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023909"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-1034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02492",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "64089",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/64089"
},
{
"name": "1023909",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023909"
},
{
"name": "SSRT100079",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-1034",
"datePublished": "2010-04-23T14:00:00",
"dateReserved": "2010-03-19T00:00:00",
"dateUpdated": "2024-08-07T01:06:52.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2642
Vulnerability from cvelistv5
Published
2014-10-02 00:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id/1030960 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT101701",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030960"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T16:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT101701",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030960"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-2642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT101701",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "HPSBMU03112",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030960"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2014-2642",
"datePublished": "2014-10-02T00:00:00",
"dateReserved": "2014-03-24T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3145
Vulnerability from cvelistv5
Published
2015-04-24 14:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:30.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "74303",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74303"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://curl.haxx.se/docs/adv_20150422C.html"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "74303",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74303"
},
{
"name": "FEDORA-2015-6853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://curl.haxx.se/docs/adv_20150422C.html"
},
{
"name": "FEDORA-2015-6712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "MDVSA-2015:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74303"
},
{
"name": "FEDORA-2015-6853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
},
{
"name": "DSA-3232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3232"
},
{
"name": "http://curl.haxx.se/docs/adv_20150422C.html",
"refsource": "CONFIRM",
"url": "http://curl.haxx.se/docs/adv_20150422C.html"
},
{
"name": "FEDORA-2015-6712",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
},
{
"name": "MDVSA-2015:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
},
{
"name": "USN-2591-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2591-1"
},
{
"name": "1032232",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032232"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:0799",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0179.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0179.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3145",
"datePublished": "2015-04-24T14:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:30.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2640
Vulnerability from cvelistv5
Published
2014-10-02 00:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id/1030960 | vdb-entry, x_refsource_SECTRACK | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322 | vendor-advisory, x_refsource_HP | |
| http://www.kb.cert.org/vuls/id/125228 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030960"
},
{
"name": "SSRT101633",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "VU#125228",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/125228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T16:57:00",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBMU03112",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030960"
},
{
"name": "SSRT101633",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "VU#125228",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/125228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2014-2640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMU03112",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "SSRT101438",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "1030960",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030960"
},
{
"name": "SSRT101633",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322"
},
{
"name": "VU#125228",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/125228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2014-2640",
"datePublished": "2014-10-02T00:00:00",
"dateReserved": "2014-03-24T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2357
Vulnerability from cvelistv5
Published
2013-07-19 18:00
Modified
2024-09-16 18:59
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP | |
| https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-19T18:00:00Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100907",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-2357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100907",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2013-2357",
"datePublished": "2013-07-19T18:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T18:59:40.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2015
Vulnerability from cvelistv5
Published
2016-05-14 15:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017 | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1035775 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:49.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "1035775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "1035775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "1035775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2015",
"datePublished": "2016-05-14T15:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-05T23:17:49.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}