21 matches found
HP System Management Homepage < 7.4 Multiple Vulnerabilities
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is affected by the following vulnerabilities : - A flaw exists within the included cURL that disables the 'CURLOPTSSLVERIFYHOST' check when the setting on 'CURLOPTSSLVERIFYPEER' ...
[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239372 Version: 1 HPSBMU02998 rev....
CVE-2013-4846
Unspecified vulnerability in HP System Management Homepage SMH before 7.3 allows remote attackers to obtain sensitive information via unknown vectors...
Code injection
Unspecified vulnerability in HP System Management Homepage SMH before 7.3 allows remote attackers to obtain sensitive information via unknown vectors...
KLA10193 OSI vulnerability in HP SMH
An unspecified vulnerability was found in HP SMH. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely by unknown vectors. Original advisories - Related products HP-System-Management-Homepage CVE list CVE-2013-4846 warning...
KLA10458 Multiple vulnerabilities in HP SMH
Multiple vulnerabilities was found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clicjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely. Original advisories HP bulletin Related products HP-System-Management-Homepage...
CVE-2013-4821
Unspecified vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors...
Code injection
Unspecified vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors...
CVE-2013-2361
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Code injection
Unspecified vulnerability in HP System Management Homepage SMH before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676...
Cross site scripting
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2364
CVE-2013-2364 is an XSS flaw in HP System Management Homepage (SMH) prior to v7.2.1. Remote authenticated users could inject arbitrary web scripts via unspecified vectors, potentially impacting confidentiality and integrity of SMH sessions. Public records consistently cite SMH
CVE-2013-2363
HP System Management Homepage SMH before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356...
CVE-2012-0135
HP System Management Homepage (SMH) prior to version 7.0 is affected by an unspecified vulnerability that allows remote authenticated users to cause a denial of service via unknown vectors. The CVE entry is consistently described across sources as affecting SMH before 7.0, with a LOW CVSS v2 base...
CVE-2010-3284
Unspecified vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to obtain sensitive information via unknown vectors...
CVE-2010-3284
HP System Management Homepage (SMH) before version 6.2 is affected by a remote information-disclosure vulnerability (CVE-2010-3284). HP’s security bulletin HPSBMA02578 and Red Hat advisory confirm the impact and that upgrading to SMH 6.2 or later mitigates/remediates the issue. The CVSS 2.0 base ...
CVE-2010-3012
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error...
Cross site scripting
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-4931
HP System Management Homepage SMH for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for...
Cross site scripting
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...