Cross-Site Request Forgery Vulnerability in HP ProCurve Switches
CVE-2012-5216

Currently unrated

Key Information:

Vendor: HP
Status: Procurve Switch Software; Procurve Switch 1700-24; Procurve Switch 1700-8
Vendor: CVE Published:; 28 March 2013

Summary

A cross-site request forgery (CSRF) vulnerability exists in HP ProCurve 1700-8 and 1700-24 switches, which allows remote attackers to hijack the authentication of victims. This can occur through various unknown vectors. Affected versions of the software include those earlier than VA.02.09 for 1700-8 switches and before VB.02.09 for 1700-24 switches. To mitigate risks, it is crucial for users to update their firmware to the latest versions as recommended by HP advisory documentation.

References

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://jvn.jp/en/jp/JVN48108258/index.html

third-party-advisoryx_refsource_JVN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 28, 2013