Skip to main content

System Management Homepage CVE-2013-2360

MEDIUM
2013-07-22 hp-security-alert@hp.com
4.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.0 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:S/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jul 22, 2013 - 11:19 cve.org
MEDIUM 4.0

DescriptionCVE.org

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.

AnalysisAI

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359. Affected products include: Hp System Management Homepage. Version information: before 7.2.1.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-5385 HIGH POC
8.1 Jul 19

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect

CVE-2013-3576 CRITICAL POC
9.0 Jun 14

ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi

CVE-2015-4024 MEDIUM POC
5.0 Jun 09

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.

CVE-2015-3145 HIGH
7.5 Apr 24

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which

CVE-2016-5387 HIGH
8.1 Jul 19

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from t

CVE-2016-5388 HIGH
8.1 Jul 19

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18

CVE-2016-4543 CRITICAL POC
9.8 May 22

The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6

CVE-2016-1995 CRITICAL
9.8 Mar 18

HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. R

CVE-2012-2012 CRITICAL
10.0 Jun 29

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields

CVE-2012-2015 CRITICAL
9.0 Jun 29

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain

CVE-2012-2014 CRITICAL
9.0 Jun 29

HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated use

CVE-2016-1993 HIGH
8.1 Mar 18

HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify

Share

CVE-2013-2360 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy