Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2015/06/25 12:0 a.m.6 views

HP SiteScope Log Analyzer Information Disclosure (CVE-2015-2120)

A privilege escalation vulnerability exists in HP SiteScope. The vulnerability is due to improper validation of the log path, allowing the user to read the users.config file. A remote, authenticated attacker may exploit this vulnerability by submitting a crafted log path...

8.7CVSS6.3AI score0.03484EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/06/10 12:0 a.m.61 views

HP SiteScope Log Analysis Tool Remote Privilege Escalation (credentialed check)

The HP SiteScope application installed on the remote host is affected by a privilege escalation vulnerability due to a failure to restrict the log path within the Log Analysis Tool. A remote, authenticated attacker can exploit this flaw to read the 'users.config' file, allowing an attacker to...

8.7CVSS5.6AI score0.03484EPSS
Exploits0References3
securityvulns
securityvulns
added 2015/06/01 12:0 a.m.44 views

[security bulletin] HPSBGN03325 rev.1 - HP SiteScope, Remote Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04688784 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04688784 Version: 1 HPSBGN03325 rev....

8.7CVSS1.1AI score0.03484EPSS
Exploits0
CVE
CVE
added 2015/05/25 2:0 p.m.67 views

CVE-2015-2120

HP SiteScope CVE-2015-2120 is a remote privilege-escalation flaw in the Log Analysis Tool that arises from improper log-path validation, allowing an authenticated remote user to read the users.config file and escalate privileges to administrator. Affected: SiteScope v11.1x (before 11.13), v11.2x ...

8.7CVSS6.5AI score0.03484EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder