4 matches found
CVE-2012-5202
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/hpimcfaultdownloadservlettraversal.rb 2025-02-06 03:13:40+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
HP Intelligent Management FaultDownloadServlet Directory Traversal
This module exploits a lack of authentication and a directory traversal in HP Intelligent Management, specifically in the FaultDownloadServlet, in order to retrieve arbitrary files with SYSTEM privileges. This module has been tested successfully on HP Intelligent Management Center 5.1 E0202 over...
HP Intelligent Management Center < 5.2 E401 Multiple Vulnerabilities
The version of HP Intelligent Management Center running on the remote host is potentially affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists in the 'opentoposymbolid' parameter of the 'topoContent.jsf' script. CVE-2012-5200 - Multiple code execution vulnerabiliti...
CVE-2012-5202
CVE-2012-5202 is an information disclosure vulnerability in HP Intelligent Management Center (iMC) and ANM/FaultDownloadServlet prior to 5.2 E0401. The issue arises from a directory traversal vulnerability that, per the Metasploit module, allows unauthenticated attackers to access arbitrary files...