Cross-Site Request Forgery Vulnerability in HP System Management Homepage
CVE-2014-2641

Currently unrated

Key Information:

Vendor: HP
Status: System Management Homepage
Vendor: CVE Published:; 2 October 2014

Summary

The vulnerability in HP System Management Homepage prior to version 7.4 allows remote authenticated users to exploit CSRF weaknesses. This can result in the hijacking of user sessions, permitting attackers to perform actions on behalf of unsuspecting users, hence compromising system integrity and security. Immediate patches and precautions are recommended to safeguard against potential security breaches.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id/1030960

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 2, 2014
Vulnerability Reserved
Mar 24, 2014