Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
BID:58385
Info
Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
| Bugtraq ID: | 58385 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-5200 CVE-2012-5201 CVE-2012-5202 CVE-2012-5203 CVE-2012-5204 CVE-2012-5205 CVE-2012-5206 CVE-2012-5207 CVE-2012-5208 CVE-2012-5209 CVE-2012-5210 CVE-2012-5211 CVE-2012-5212 CVE-2012-5213 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 07 2013 12:00AM |
| Updated: | Mar 07 2013 12:00AM |
| Credit: | Andrea Micalizzi and Julien Ahrens |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
Multiple HP Products are prone to multiple unspecified remote security vulnerabilities:
1. A cross-site scripting vulnerability
2. Multiple remote code-execution vulnerabilities
3. Multiple information-disclosure vulnerabilities
Attackers may leverage these issues to steal cookie-based authentication credentials, execute arbitrary script code in the browser, or disclose sensitive information; other attacks are also possible.
The following product versions are affected:
HP Intelligent Management Center Enterprise Edition 5.1 E0202 and prior versions
HP Intelligent Management Center Standard Edition 5.1 E0202 and prior versions
HP Intelligent Management Center for Automated Network Manager 5.1 E0202 and prior versions
HP Intelligent Management Center User Access Manager (UAM) 5.1 and prior versions
HP Intelligent Management Center TACACS+ Authentication Manager 5.1 and prior versions
Multiple HP Products are prone to multiple unspecified remote security vulnerabilities:
1. A cross-site scripting vulnerability
2. Multiple remote code-execution vulnerabilities
3. Multiple information-disclosure vulnerabilities
Attackers may leverage these issues to steal cookie-based authentication credentials, execute arbitrary script code in the browser, or disclose sensitive information; other attacks are also possible.
The following product versions are affected:
HP Intelligent Management Center Enterprise Edition 5.1 E0202 and prior versions
HP Intelligent Management Center Standard Edition 5.1 E0202 and prior versions
HP Intelligent Management Center for Automated Network Manager 5.1 E0202 and prior versions
HP Intelligent Management Center User Access Manager (UAM) 5.1 and prior versions
HP Intelligent Management Center TACACS+ Authentication Manager 5.1 and prior versions
Exploit / POC
Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
References:
References:
- HP Homepage (HP)