Summary
This host is running HP System Management Homepage (SMH) and is prone to URL redirection vulnerability.
Impact
Successful exploitation will allow remote attackers to redirect to his choice of malicious site via the trusted vulnerable SMH url or aid in phishing attacks.
Impact Level: Application
Solution
Upgrade HP System Management Homepage version to 6.2 or later For updates refer to http://www.hp.com/servers/manage/smh
Insight
Input data passed to the 'RedirectUrl' parameter in 'red2301.html' is not being properly validated.
Affected
HP System Management Homepage (SMH) version 2.x.
References
Severity
Classification
-
CVE CVE-2010-1586 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
- Apache Tomcat Information Disclosure Vulnerability
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities