Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
BID:58701
Info
Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
| Bugtraq ID: | 58701 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-5216 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 25 2013 12:00AM |
| Updated: | Mar 25 2013 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
Multiple HP ProCurve switches are prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
The following products are vulnerable:
HP ProCurve 1700-8 Switch (Model J9079A)
HP ProCurve 1700-24 Switch (Model J9080A)
Multiple HP ProCurve switches are prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
The following products are vulnerable:
HP ProCurve 1700-8 Switch (Model J9079A)
HP ProCurve 1700-24 Switch (Model J9080A)
Exploit / POC
Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
To exploit this issue, an attacker must entice an unsuspecting victim to follow a malicious URI or visit a malicious website.
To exploit this issue, an attacker must entice an unsuspecting victim to follow a malicious URI or visit a malicious website.
Solution / Fix
Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple HP ProCurve Switches CVE-2012-5216 Cross Site Request Forgery Vulnerability
References:
References: