HP Onboard Administrator Multiple Security Vulnerabilities Network Vulnerability

Summary

HP Onboard Administrator is prone to multiple security vulnerabilities.

Impact

An attacker may exploit these issues to obtain sensitive information, bypass certain security restrictions, and redirect a user to a potentially malicious site this may aid in phishing attacks.

Solution

Updates are available. Please see the references for more information.

Insight

HP Onboard Administrator is prone to: 1. A URI-redirection vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability

Affected

HP Onboard Administrator (OA) before 3.50

Detection

Check if HP Onboard Administrator version is < 3.50

References

http://h18004.www1.hp.com/products/blades/components/onboard/index.html?jumpid=reg_R1002_USEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03263573
http://www.securityfocus.com/bid/52862

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0128, CVE-2012-0129, CVE-2012-0130

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities
AdPeeps 'index.php' Multiple Vulnerabilities.

Take action and discover your vulnerabilities