Lucene search

K
kasperskyKaspersky LabKLA10458
HistoryJan 10, 2014 - 12:00 a.m.

KLA10458 Multiple vulnerabilities in HP SMH

2014-01-1000:00:00
Kaspersky Lab
threats.kaspersky.com
93

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.95 High

EPSS

Percentile

99.2%

Detect date:

01/10/2014

Severity:

Critical

Description:

Multiple vulnerabilities was found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clicjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely.

Affected products:

HP System Management Homepage (SMH) versions earlier than 7.4

Solution:

Update to latest version
Get HP SMH

Original advisories:

HP bulletin

Impacts:

XSS/CSS

Related products:

HP System Management Homepage

CVE-IDS:

CVE-2013-67125.0Critical
CVE-2013-64224.0Warning
CVE-2014-26416.0High
CVE-2014-26404.3Warning
CVE-2014-26424.3Warning
CVE-2013-64207.5Critical
CVE-2013-45454.3Warning

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.95 High

EPSS

Percentile

99.2%