Session Hijacking Vulnerability in HP Service Manager and Service Center
CVE-2011-1860

Currently unrated

Key Information:

Vendor: HP
Status: Service Manager; Service Center
Vendor: CVE Published:; 14 June 2011

Summary

An unspecified vulnerability present in multiple versions of HP Service Manager and Service Center allows remote attackers to exploit HTTP session management flaws. This may enable attackers to capture session credentials through various means, potentially leading to unauthorized access and manipulation of user sessions. It is essential for users of these products to implement security best practices and apply any available patches to mitigate the risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/67911

vdb-entryx_refsource_XF

http://secunia.com/advisories/44836

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/8273

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Jun 14, 2011
Vulnerability Reserved
May 3, 2011