VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-3012
system_management_homepage: Cross-site scripting (XSS) vulnerability in HP Syst...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3012

Original

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-09-17
Source Information Category:
Advisory, Alert
Last Updated:
2010-09-20




Affected Product Tags
cpe:/a:hp:system_management_homepage:2.0.0
cpe:/a:hp:system_management_homepage:2.0.1
cpe:/a:hp:system_management_homepage:2.0.1.104
cpe:/a:hp:system_management_homepage:2.0.2
cpe:/a:hp:system_management_homepage:2.0.2.106
cpe:/a:hp:system_management_homepage:2.1
cpe:/a:hp:system_management_homepage:2.1.0-103
cpe:/a:hp:system_management_homepage:2.1.0-103%28a%29
cpe:/a:hp:system_management_homepage:2.1.0-109
cpe:/a:hp:system_management_homepage:2.1.0-118
cpe:/a:hp:system_management_homepage:2.1.0.121
cpe:/a:hp:system_management_homepage:2.1.1
cpe:/a:hp:system_management_homepage:2.1.10
cpe:/a:hp:system_management_homepage:2.1.10-186
cpe:/a:hp:system_management_homepage:2.1.10.186
cpe:/a:hp:system_management_homepage:2.1.10.186:b
cpe:/a:hp:system_management_homepage:2.1.10.186:c
cpe:/a:hp:system_management_homepage:2.1.11
cpe:/a:hp:system_management_homepage:2.1.11-197
cpe:/a:hp:system_management_homepage:2.1.11.197:a
cpe:/a:hp:system_management_homepage:2.1.12-118
cpe:/a:hp:system_management_homepage:2.1.12-200
cpe:/a:hp:system_management_homepage:2.1.12.201
cpe:/a:hp:system_management_homepage:2.1.14.20
cpe:/a:hp:system_management_homepage:2.1.15-210
cpe:/a:hp:system_management_homepage:2.1.15.210
cpe:/a:hp:system_management_homepage:2.1.2
cpe:/a:hp:system_management_homepage:2.1.2-127
cpe:/a:hp:system_management_homepage:2.1.2.127
cpe:/a:hp:system_management_homepage:2.1.3
cpe:/a:hp:system_management_homepage:2.1.3.132
cpe:/a:hp:system_management_homepage:2.1.4
cpe:/a:hp:system_management_homepage:2.1.4-143
cpe:/a:hp:system_management_homepage:2.1.4.143
cpe:/a:hp:system_management_homepage:2.1.5
cpe:/a:hp:system_management_homepage:2.1.5-146
cpe:/a:hp:system_management_homepage:2.1.5.146
cpe:/a:hp:system_management_homepage:2.1.5.146:b
cpe:/a:hp:system_management_homepage:2.1.6
cpe:/a:hp:system_management_homepage:2.1.6-156
cpe:/a:hp:system_management_homepage:2.1.6.156
cpe:/a:hp:system_management_homepage:2.1.7
cpe:/a:hp:system_management_homepage:2.1.7-168
cpe:/a:hp:system_management_homepage:2.1.7.168
cpe:/a:hp:system_management_homepage:2.1.8
cpe:/a:hp:system_management_homepage:2.1.8-177
cpe:/a:hp:system_management_homepage:2.1.8.179
cpe:/a:hp:system_management_homepage:2.1.9
cpe:/a:hp:system_management_homepage:2.1.9-178
cpe:/a:hp:system_management_homepage:2.2.6
cpe:/a:hp:system_management_homepage:2.2.8
cpe:/a:hp:system_management_homepage:3.0.0-68
cpe:/a:hp:system_management_homepage:3.0.0.64
cpe:/a:hp:system_management_homepage:3.0.1-73
cpe:/a:hp:system_management_homepage:3.0.1.73
cpe:/a:hp:system_management_homepage:3.0.2-77
cpe:/a:hp:system_management_homepage:3.0.2.77
cpe:/a:hp:system_management_homepage:3.0.2.77:b
cpe:/a:hp:system_management_homepage:6.0
cpe:/a:hp:system_management_homepage:6.0.0-95
cpe:/a:hp:system_management_homepage:6.0.0.96
cpe:/a:hp:system_management_homepage:6.1 and previous versions
cpe:/a:hp:system_management_homepage:6.1.0-103
cpe:/a:hp:system_management_homepage:6.1.0.102
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
HP SSRT100219




HP HPSBMA02568




SECUNIA 41490




SECUNIA 41480




Vulnerability Type Cross-Site Scripting (XSS) (CWE-79)




Copyright © 2010 JPCERT/CC All Rights Reserved.