Lucene search
HistoryFeb 09, 2011 - 1:00 a.m.
CVE-2011-0277
cve-2011-0277
cross-site request forgery
csrf
hp power manager
hppm
vulnerability
authentication hijacking
administrators
administrative accounts
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
67.8%
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
Affected configurations
Node
hppower_managerRange≤4.3.2
ORhppower_managerMatch4.2.5
ORhppower_managerMatch4.2.6
ORhppower_managerMatch4.2.7
ORhppower_managerMatch4.2.8
ORhppower_managerMatch4.2.9
Related
nvd
nvd
CVE-2011-0277
2011-02-09 01:00:09
cvelist
cvelist
CVE-2011-0277
2011-02-09 00:00:00
nessus
nessus
HP Power Manager Unspecified Cross-Site Request Forgery
2011-02-17 00:00:00
prion
prion
Cross site request forgery (csrf)
2011-02-09 01:00:00
openvas
openvas
HP Power Manager <= 4.3.2 Multiple Vulnerabilities
2011-02-15 00:00:00
HP Power Manager Cross Site Request Forgery (CSRF) and XSS Vulnerability
2011-02-15 00:00:00
securityvulns
securityvulns
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
67.8%
Related for CVE-2011-0277