Summary
HP System Management Homepage is prone to multiple Vulnerabilities.
1. An HTTP response-splitting vulnerability.
Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
2. An unspecified remote information-disclosure vulnerability.
Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
HP System Management Homepage versions prior to 6.2 are vulnerable.
Solution
Updates are available
please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-3009, CVE-2010-3011, CVE-2010-3012 -
CVSS Base Score: 9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
Related Vulnerabilities