Cross-Site Request Forgery Vulnerability in HP Insight Control for Linux
CVE-2010-4106

Currently unrated

Key Information:

Vendor: HP
Status: Insight Control For Linux
Vendor: CVE Published:; 2 November 2010

Summary

A cross-site request forgery (CSRF) vulnerability exists in HP Insight Control for Linux prior to version 6.2. This flaw enables remote attackers to exploit the system by hijacking the authentication of affected users through unknown vectors, potentially allowing unauthorized actions without the victim's consent.

References

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=em...

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/bid/44537

vdb-entryx_refsource_BID

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=em...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Nov 2, 2010
Vulnerability Reserved
Oct 27, 2010