SQL Injection Vulnerability in HP Network Automation Products
CVE-2011-2403

Currently unrated

Key Information:

Vendor: HP
Status: Network Automation
Vendor: CVE Published:; 1 August 2011

What is CVE-2011-2403?

A SQL injection vulnerability exists in HP Network Automation across several versions, allowing remote authenticated users to execute arbitrary SQL commands. This flaw can lead to unauthorized access to sensitive data and manipulation of the database, potentially compromising the integrity and availability of the application.

References

http://www.securityfocus.com/bid/48924

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/8321

third-party-advisoryx_refsource_SREASON

http://marc.info/?l=bugtraq&m=131188727830971&w=2

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2011
Vulnerability Reserved
Jun 6, 2011