Test Kennung:	1.3.6.1.4.1.25623.1.0.805692
Kategorie:	Web application abuses
Titel:	HP System Management Homepage Cross-site Request Forgery Vulnerability
Zusammenfassung:	The host is installed with HP System; Management Homepage (SMH) and is prone to cross-site request forgery; vulnerability.
Beschreibung:	Summary: The host is installed with HP System Management Homepage (SMH) and is prone to cross-site request forgery vulnerability. Vulnerability Insight: The flaw is due to certain actions via HTTP requests do not perform any validity checks to verify the requests. Vulnerability Impact: Successful exploitation will allow remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Affected Software/OS: HP System Management Homepage before 7.5.0 Solution: Upgrade to HP System Management Homepage 7.5.0 or later. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Querverweis:	BugTraq ID: 75961 Common Vulnerability Exposure (CVE) ID: CVE-2015-2134 http://www.securityfocus.com/bid/75961 HPdes Security Advisory: HPSBMU03380 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04746490 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPdes Security Advisory: SSRT102109 http://www.securitytracker.com/id/1033014
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.