2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2009-4185" ,
"sourceIdentifier" : "hp-security-alert@hp.com" ,
"published" : "2010-02-05T22:30:02.327" ,
2024-11-22 11:14:00 +00:00
"lastModified" : "2024-11-21T01:09:06.627" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados(XSS)en proxy/smhui/getuiinfo en HP System Management Homepage (SMH) anterior v6.0 permite a atacantes remotos inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro servercert."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N" ,
2024-11-22 11:14:00 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-11-22 11:14:00 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "3.0.2.77" ,
"matchCriteriaId" : "FBD83E8E-B1CE-4BB5-8147-2F656FD9E742"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AD9A9442-18B7-4858-AB3A-19FE272A5C61"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "90042282-9151-4D8E-8093-D85E57BD332C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D3EF92B4-AAC3-4957-9D8F-1796C2045962"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D44CEFC1-CE95-4549-A981-C3F259075B77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1C035D5C-90ED-4259-B05C-BEF93D81F42F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.0-103\\(a\\):*:*:*:*:*:*:*" ,
"matchCriteriaId" : "824996A5-C2CC-4FC5-8705-F6B4D69F39B6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7DBF9F0E-AA30-4E5A-B23E-DD895303245C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DA2005B3-1914-4B4B-892A-8CCC0F39EF6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CFA42455-F9B9-49BD-BAFA-4A02C554ECE9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6426924C-AA5C-4C93-AB8B-9314CD010139"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D7DCF4F-609A-497B-A32E-3D946EC2EE07"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A6E5C789-9827-47DF-A47C-454DF7687E59"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D85F0390-B076-4B54-9E4E-67472FF3759E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "29FE29FC-AD24-4C89-9AAC-9D49C54A5CC9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0ECF53BE-0E3A-41F8-AFD2-29CA3F2D0C22"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "20EBB25A-A1DE-4943-9EE5-0FCF21A55666"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C43EF082-E9AB-41D3-B7AF-936B84BB6AEE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B61485E4-6EC1-4886-AB47-F5BC8E72A08A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "203163D8-15E8-4F2D-A807-7643EA0D6920"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E354FF4-5CDD-4B79-B56C-2C774B235D78"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DAC9CEFE-23C2-4455-BE6F-51D26487D3DA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3DACC6F-DCE8-4890-BE47-488CB7B2DF77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D0DA8D6-3B1D-4935-855E-9431EB4BA683"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8AFAF26C-7BFE-479E-880C-B13E78780625"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FC95912B-8C95-4CA8-BDA7-76074E20E362"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3162C720-A042-48D8-A598-5CC9845C5715"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DEDD728B-9E92-4EC8-BD61-6E1AE300CE35"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABEEE1E4-1883-411E-A4BA-985041880439"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E3E3BC1-A986-4942-80FA-5911428F8E3B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7038AC00-8A30-49CB-956D-715053A920D2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F425004A-EC16-44E8-A297-21F33F802FE8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD611329-F5D3-455D-A275-4D61429357E9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2C14DB20-E22E-466E-A3CD-C841CFDF2A6E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8881820B-29B4-41DB-AEED-5513A347E290"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DD0C8455-CAAC-463E-A0D6-D21B8FB1BE31"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "70E1319D-7BA1-43AC-A4E2-69D2E885DE85"
}
]
}
]
}
] ,
"references" : [
2024-11-22 11:14:00 +00:00
{
"url" : "http://marc.info/?l=bugtraq&m=126529736830358&w=2" ,
"source" : "hp-security-alert@hp.com"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://marc.info/?l=bugtraq&m=126529736830358&w=2" ,
"source" : "hp-security-alert@hp.com"
} ,
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/38341" ,
"source" : "hp-security-alert@hp.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15" ,
"source" : "hp-security-alert@hp.com" ,
"tags" : [
"Exploit"
]
} ,
{
"url" : "http://www.securityfocus.com/archive/1/509195/100/0/threaded" ,
"source" : "hp-security-alert@hp.com"
} ,
{
"url" : "http://www.securityfocus.com/bid/38081" ,
"source" : "hp-security-alert@hp.com"
} ,
{
"url" : "http://www.securitytracker.com/id?1023541" ,
"source" : "hp-security-alert@hp.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2010/0294" ,
"source" : "hp-security-alert@hp.com" ,
"tags" : [
"Vendor Advisory"
]
2024-11-22 11:14:00 +00:00
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=126529736830358&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://marc.info/?l=bugtraq&m=126529736830358&w=2" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://secunia.com/advisories/38341" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit"
]
} ,
{
"url" : "http://www.securityfocus.com/archive/1/509195/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/38081" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securitytracker.com/id?1023541" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2010/0294" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
