CVE-2010-3283:system_management_homepage: Open redirect vulnerability in HP System Management...

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-3283

system_management_homepage: Open redirect vulnerability in HP System Management...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3283

Original

Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-09-24

Source Information Category:

Advisory, Alert

Last Updated:

2010-09-27

Affected Product Tags

cpe:/a:hp:system_management_homepage:2.0.0

cpe:/a:hp:system_management_homepage:2.0.1

cpe:/a:hp:system_management_homepage:2.0.1.104

cpe:/a:hp:system_management_homepage:2.0.2

cpe:/a:hp:system_management_homepage:2.0.2.106

cpe:/a:hp:system_management_homepage:2.1

cpe:/a:hp:system_management_homepage:2.1.0-103

cpe:/a:hp:system_management_homepage:2.1.0-103%28a%29

cpe:/a:hp:system_management_homepage:2.1.0-109

cpe:/a:hp:system_management_homepage:2.1.0-118

cpe:/a:hp:system_management_homepage:2.1.0.121

cpe:/a:hp:system_management_homepage:2.1.1

cpe:/a:hp:system_management_homepage:2.1.10

cpe:/a:hp:system_management_homepage:2.1.10-186

cpe:/a:hp:system_management_homepage:2.1.10.186

cpe:/a:hp:system_management_homepage:2.1.10.186:b

cpe:/a:hp:system_management_homepage:2.1.10.186:c

cpe:/a:hp:system_management_homepage:2.1.11

cpe:/a:hp:system_management_homepage:2.1.11-197

cpe:/a:hp:system_management_homepage:2.1.11.197:a

cpe:/a:hp:system_management_homepage:2.1.12-118

cpe:/a:hp:system_management_homepage:2.1.12-200

cpe:/a:hp:system_management_homepage:2.1.12.201

cpe:/a:hp:system_management_homepage:2.1.14.20

cpe:/a:hp:system_management_homepage:2.1.14.204

cpe:/a:hp:system_management_homepage:2.1.15-210

cpe:/a:hp:system_management_homepage:2.1.15.210

cpe:/a:hp:system_management_homepage:2.1.2

cpe:/a:hp:system_management_homepage:2.1.2-127

cpe:/a:hp:system_management_homepage:2.1.2.127

cpe:/a:hp:system_management_homepage:2.1.3

cpe:/a:hp:system_management_homepage:2.1.3.132

cpe:/a:hp:system_management_homepage:2.1.4

cpe:/a:hp:system_management_homepage:2.1.4-143

cpe:/a:hp:system_management_homepage:2.1.4.143

cpe:/a:hp:system_management_homepage:2.1.5

cpe:/a:hp:system_management_homepage:2.1.5-146

cpe:/a:hp:system_management_homepage:2.1.5.146

cpe:/a:hp:system_management_homepage:2.1.5.146:b

cpe:/a:hp:system_management_homepage:2.1.6

cpe:/a:hp:system_management_homepage:2.1.6-156

cpe:/a:hp:system_management_homepage:2.1.6.156

cpe:/a:hp:system_management_homepage:2.1.7

cpe:/a:hp:system_management_homepage:2.1.7-168

cpe:/a:hp:system_management_homepage:2.1.7.168

cpe:/a:hp:system_management_homepage:2.1.8

cpe:/a:hp:system_management_homepage:2.1.8-177

cpe:/a:hp:system_management_homepage:2.1.8.179

cpe:/a:hp:system_management_homepage:2.1.9

cpe:/a:hp:system_management_homepage:2.1.9-178

cpe:/a:hp:system_management_homepage:2.2.6

cpe:/a:hp:system_management_homepage:2.2.8

cpe:/a:hp:system_management_homepage:3.0.0-68

cpe:/a:hp:system_management_homepage:3.0.0.64

cpe:/a:hp:system_management_homepage:3.0.1-73

cpe:/a:hp:system_management_homepage:3.0.1.73

cpe:/a:hp:system_management_homepage:3.0.2-77

cpe:/a:hp:system_management_homepage:3.0.2.77

cpe:/a:hp:system_management_homepage:3.0.2.77:b

cpe:/a:hp:system_management_homepage:6.0

cpe:/a:hp:system_management_homepage:6.0.0-95

cpe:/a:hp:system_management_homepage:6.0.0.96

cpe:/a:hp:system_management_homepage:6.1

cpe:/a:hp:system_management_homepage:6.1.0-103

cpe:/a:hp:system_management_homepage:6.1.0.102 and previous versions

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

HP HPSBMA02584

HP SSRT100230

Vulnerability Type Input Validation (CWE-20)