Cross-Site Request Forgery in HP Insight Software Installer
CVE-2010-1971

Currently unrated

Key Information:

Vendor: HP
Status: Insight Software Installer
Vendor: CVE Published:; 15 July 2010

Summary

The HP Insight Software Installer for Windows prior to version 6.1 is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw allows malicious actors to exploit authentication processes, potentially hijacking the authentication of users through unspecified attack vectors. It poses a significant risk as it can enable attackers to execute actions on behalf of unsuspecting victims without their consent.

References

http://www.vupen.com/english/advisories/2010/1792

vdb-entryx_refsource_VUPEN

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na...

vendor-advisoryx_refsource_HP

http://securitytracker.com/id?1024186

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 15, 2010