VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-1586
system_management_homepage: Open redirect vulnerability in red2301.html in HP S...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1586

Original

Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-04-28
Source Information Category:
Advisory, Alert
Last Updated:
2010-04-29




Affected Product Tags
cpe:/a:hp:system_management_homepage:2.0.0
cpe:/a:hp:system_management_homepage:2.0.1
cpe:/a:hp:system_management_homepage:2.0.2
cpe:/a:hp:system_management_homepage:2.1
cpe:/a:hp:system_management_homepage:2.1.0-103
cpe:/a:hp:system_management_homepage:2.1.0-103%28a%29
cpe:/a:hp:system_management_homepage:2.1.0-109
cpe:/a:hp:system_management_homepage:2.1.0-118
cpe:/a:hp:system_management_homepage:2.1.1
cpe:/a:hp:system_management_homepage:2.1.10-186
cpe:/a:hp:system_management_homepage:2.1.11-197
cpe:/a:hp:system_management_homepage:2.1.12-118
cpe:/a:hp:system_management_homepage:2.1.12-200
cpe:/a:hp:system_management_homepage:2.1.2
cpe:/a:hp:system_management_homepage:2.1.2-127
cpe:/a:hp:system_management_homepage:2.1.3
cpe:/a:hp:system_management_homepage:2.1.3.132
cpe:/a:hp:system_management_homepage:2.1.4
cpe:/a:hp:system_management_homepage:2.1.5
cpe:/a:hp:system_management_homepage:2.1.5-146
cpe:/a:hp:system_management_homepage:2.1.6
cpe:/a:hp:system_management_homepage:2.1.6-156
cpe:/a:hp:system_management_homepage:2.1.7
cpe:/a:hp:system_management_homepage:2.1.7-168
cpe:/a:hp:system_management_homepage:2.1.8
cpe:/a:hp:system_management_homepage:2.1.8-177
cpe:/a:hp:system_management_homepage:2.1.9
cpe:/a:hp:system_management_homepage:2.1.9-178
cpe:/a:hp:system_management_homepage:2.2.6
cpe:/a:hp:system_management_homepage:2.2.8
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
BID 39676




MISC http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse




Vulnerability Type Other (NVD-CWE-Other)




XF hp-smh-redirecturl-phishing(58107)




Copyright © 2010 JPCERT/CC All Rights Reserved.