Lucene search
HistoryJun 14, 2013 - 1:07 p.m.
CVE-2013-3575
cve-2013-3575
hp insight diagnostics
remote code execution
security vulnerability
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.0%
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hp:insight_diagnostics | hp insight diagnostics | eq | 9.4.0.4710 |
References
Related
prion
prion
Hardcoded credentials
2013-06-14 13:07:00
cvelist
cvelist
CVE-2013-3575
2022-10-03 16:14:46
threatpost
threatpost
Three Vulnerabilities Exist in HP's Insight Diagnostics
2013-06-10 13:47:25
attackerkb
attackerkb
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-14 00:00:00
cert
cert
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-10 00:00:00
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.0%
Related for CVE-2013-3575