Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveHpCVE-2009-4185
HistoryFeb 05, 2010 - 10:30 p.m.

CVE-2009-4185

2010-02-0522:30:02
CWE-79
hp
web.nvd.nist.gov
36
hp
smh
xss
vulnerability
web script
html
servercert
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON

Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.

Affected configurations

Nvd
Node
hpsystem_management_homepageRange3.0.2.77
OR
hpsystem_management_homepageMatch2.0.0
OR
hpsystem_management_homepageMatch2.0.1
OR
hpsystem_management_homepageMatch2.0.2
OR
hpsystem_management_homepageMatch2.1
OR
hpsystem_management_homepageMatch2.1.0-103
OR
hpsystem_management_homepageMatch2.1.0-103\(a\)
OR
hpsystem_management_homepageMatch2.1.0-109
OR
hpsystem_management_homepageMatch2.1.0-118
OR
hpsystem_management_homepageMatch2.1.1
OR
hpsystem_management_homepageMatch2.1.2
OR
hpsystem_management_homepageMatch2.1.2-127
OR
hpsystem_management_homepageMatch2.1.3
OR
hpsystem_management_homepageMatch2.1.3.132
OR
hpsystem_management_homepageMatch2.1.4
OR
hpsystem_management_homepageMatch2.1.4-143
OR
hpsystem_management_homepageMatch2.1.5
OR
hpsystem_management_homepageMatch2.1.5-146
OR
hpsystem_management_homepageMatch2.1.6
OR
hpsystem_management_homepageMatch2.1.6-156
OR
hpsystem_management_homepageMatch2.1.7
OR
hpsystem_management_homepageMatch2.1.7-168
OR
hpsystem_management_homepageMatch2.1.8
OR
hpsystem_management_homepageMatch2.1.8-177
OR
hpsystem_management_homepageMatch2.1.9
OR
hpsystem_management_homepageMatch2.1.9-178
OR
hpsystem_management_homepageMatch2.1.10
OR
hpsystem_management_homepageMatch2.1.10-186
OR
hpsystem_management_homepageMatch2.1.11
OR
hpsystem_management_homepageMatch2.1.11-197
OR
hpsystem_management_homepageMatch2.1.12-118
OR
hpsystem_management_homepageMatch2.1.12-200
OR
hpsystem_management_homepageMatch2.1.15-210
OR
hpsystem_management_homepageMatch2.2.6
OR
hpsystem_management_homepageMatch2.2.8
OR
hpsystem_management_homepageMatch3.0.0-68
OR
hpsystem_management_homepageMatch3.0.1.73
VendorProductVersionCPE
hpsystem_management_homepage*cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.0cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.1cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.2cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
hpsystem_management_homepage2.1cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-103cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-103(a)cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-109cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-118cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.1cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 371

Related

openvas 1
securityvulns 2
cvelist 1
nvd 1
prion 1
nessus 1
openvas
openvas
HP/HPE System Management Homepage (SMH) XSS Vulnerability (HPSBMA02504)
2010-02-11 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBMA02504 SSRT090220 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
2010-02-04 00:00:00
HP System Management Homepage crossite scripting
2010-02-04 00:00:00
cvelist
cvelist
CVE-2009-4185
2010-02-05 22:13:00
nvd
nvd
CVE-2009-4185
2010-02-05 22:30:02
prion
prion
Cross site scripting
2010-02-05 22:30:00
nessus
nessus
HP System Management Homepage < 6.0.0.96 / 6.0.0-95 Multiple Vulnerabilities
2010-04-27 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON
Related for CVE-2009-4185
openvas1securityvulns2cvelist1nvd1prion1nessus1