CSRF Vulnerability in HP System Management Homepage
CVE-2015-2134

Currently unrated

Key Information:

Vendor: HP
Status: System Management Homepage
Vendor: CVE Published:; 21 July 2015

Summary

A security flaw exists in the HP System Management Homepage (SMH) prior to version 7.5.0, enabling remote authenticated users to exploit CSRF vulnerabilities. Through these vulnerabilities, attackers can hijack the authentication of unspecified victims, potentially allowing unauthorized access to sensitive information or actions. This could lead to severe security risks in managed systems.

References

http://marc.info/?l=bugtraq&m=144050155601375&w=2

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/bid/75961

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 21, 2015
Vulnerability Reserved
Feb 27, 2015