Cross-Site Request Forgery Vulnerability in HP Insight Control Power Management
CVE-2010-4024

Currently unrated

Key Information:

Vendor: HP
Status: Insight Control Power Management
Vendor: CVE Published:; 28 October 2010

Summary

A cross-site request forgery (CSRF) vulnerability exists in HP Insight Control Power Management prior to version 6.2. This security flaw enables attackers to exploit user sessions, potentially hijacking the authentication of unsuspecting users through various methods. This vulnerability poses a risk as it may allow unauthorized actions to be performed on behalf of legitimate users without their knowledge.

References

http://marc.info/?l=bugtraq&m=128811282526943&w=2

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1024642

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=128811282526943&w=2

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Oct 28, 2010
Vulnerability Reserved
Oct 21, 2010