Test ID: 1.3.6.1.4.1.25623.1.0.804858
Category: Web application abuses
Title: HP/HPE System Management Homepage (SMH) Multiple Vulnerabilities (HPSBMU03112)
Summary: HP/HPE System Management Homepage (SMH) is prone to multiple vulnerabilities.
Description:
Summary:
HP/HPE System Management Homepage (SMH) is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- HTTP requests to certain scripts do not require multiple steps,
explicit confirmation, or a unique token when performing sensitive actions.

- The application does not validate user-supplied input.

- An unspecified error.

Vulnerability Impact:
Successful exploitation will allow remote attackers to perform
clickjacking attacks, perform a Cross-Site Request Forgery attack or execute arbitrary script code
in a user's browser session within the trust relationship between their browser and the server.

Affected Software/OS:
HP/HPE SMH prior to version 7.4.

Solution:
Update to version 7.4 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2013-4545
Debian Security Information: DSA-2798
http://www.debian.org/security/2013/dsa-2798
HPdes Security Advisory: HPSBMU03112
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322
SuSE Security Announcement: openSUSE-SU-2013:1859
http://lists.opensuse.org/opensuse-updates/2013-12/msg00047.html
SuSE Security Announcement: openSUSE-SU-2013:1865
http://lists.opensuse.org/opensuse-updates/2013-12/msg00053.html
http://www.ubuntu.com/usn/USN-2048-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6420
BugTraq ID: 64225
http://www.securityfocus.com/bid/64225
Debian Security Information: DSA-2816
http://www.debian.org/security/2013/dsa-2816
HPdes Security Advisory: SSRT101447
https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
RedHat Security Advisories: RHSA-2013:1813
http://rhn.redhat.com/errata/RHSA-2013-1813.html
RedHat Security Advisories: RHSA-2013:1815
http://rhn.redhat.com/errata/RHSA-2013-1815.html
RedHat Security Advisories: RHSA-2013:1824
http://rhn.redhat.com/errata/RHSA-2013-1824.html
RedHat Security Advisories: RHSA-2013:1825
http://rhn.redhat.com/errata/RHSA-2013-1825.html
RedHat Security Advisories: RHSA-2013:1826
http://rhn.redhat.com/errata/RHSA-2013-1826.html
http://www.securitytracker.com/id/1029472
http://secunia.com/advisories/59652
SuSE Security Announcement: openSUSE-SU-2013:1963
http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html
SuSE Security Announcement: openSUSE-SU-2013:1964
http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html
http://www.ubuntu.com/usn/USN-2055-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6422
Debian Security Information: DSA-2824
http://www.debian.org/security/2013/dsa-2824
http://www.ubuntu.com/usn/USN-2058-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6712
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
https://bugs.php.net/bug.php?id=66060
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-2640
CERT/CC vulnerability note: VU#125228
http://www.kb.cert.org/vuls/id/125228
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322
HPdes Security Advisory: SSRT101438
HPdes Security Advisory: SSRT101633
http://www.securitytracker.com/id/1030960
Common Vulnerability Exposure (CVE) ID: CVE-2014-2641
Common Vulnerability Exposure (CVE) ID: CVE-2014-2642
HPdes Security Advisory: SSRT101701
Copyright: Copyright (C) 2014 Greenbone Networks GmbH

© 1998-2025 E-Soft Inc. All rights reserved.