HP Systems Insight Manager Arbitrary File Download Vulnerability Network Vulnerability

Summary

HP Systems Insight Manager is prone to a vulnerability that lets attackers download arbitrary files. Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks. The issue affects HP Systems Insight Manager versions 6.0 and 6.1.

Solution

Vendor updates are available. Please see the references for more information.

References

http://h18000.www1.hp.com/products/servers/management/hpsim/index.html
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02548231
https://www.securityfocus.com/bid/44098

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3286

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
Adobe ColdFusion Multiple Vulnerabilities-03 May-2014

Take action and discover your vulnerabilities